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IW8E4>&< t fc 1 o(/)ni> k • i^^Att^— iM<s/ h 

PPPt-/^m, SEP P Pi^— '<fah&'Pte< t 
1 ocozn^ K • v^^jM^LTaHf PPPit 
*8«, U-*3> h * y u — M.cD^^mm^rv'^^^^ 

T N Hi oc/)xl> K • ^rA^Pj^p p p 

ii^f^(^it>f-f^7h • y^g* 

t?aS«S4x, itLtRI^KlBl^^baiPPPt- 
[f»*if 4] 3 l£|B*tf>* * h!7 — ^ *d*3V^ 

t\ eep p pt- ^^^bcop p pft#^, i£t^— a • >r 

ft Sjxi J: 5fcftotv^*s/ 

T&fiSn, ^LT»:l:S«»^fA^f)PPPt-^ 

[0 0 0 1 ] 
[0 0 0 2] 

[t£*&W] IS l l^tt3o(Dtr^-x • xyf^f^f 
3S\ ^ — i^<7>=3 >-tf^ — ^ 2 t^tt^f A 4 SraCT 

y-f<Dzf\s>( > • K • 7" i^^^- >- • >Xx 

A (POTS) , ^fcf^St^bi^-t:^ • 7*— ^ • *y 
(ISDN) Sr0f#L-CV^T|g«S^TV>S« 
IS^tt (t e 1 c o) -CfoS 0 tele o tt xl — if ffc 

STN) 6 0MtoeW^Iftt§ 0 



(2) 1-252183 

[0 0 0 3] f£2tDtfv^;* - m^^^f^ ^ $ 
^^•t-t^./n/qy (ISP) I 
S Pte-tCD*— fcTJX • ^y TO^i- 1 o£fcJ2-t;fX«± 
<397K-f ^ h • it? • ^Uif (POP) 8£I2tSLT 
V^T, ^tl^tat, ^fU^atLT^V K • xL-if^ 
s/ M7 — ^ • ^-^*«:#fcT»tt-t-5o ISPI4, a 

^#^ttib^y TO^f-POPSriS^-rSo POPiiP 

10 h • 0_b-e^^tt5xV v^WKiU:: 

fit^o -O'h^-^s/ h ■ Oiil S P 

^ctotpjft^tltl^^, MC I, Inc. t£¥(D<i 

tiS^^v^-ftt^-e&So ISPli, a?fS\ PSTNl: 
^t^)^l(7)tfc|:t e 1 c oT^b^ffl^W^fcte:^ 
(7>T 1 SfcliT 3(HJl^y^f^ 0 POP&JztMS 
P(DJ *f4T • X — 9 • — 1 ^ 12A^ 

tlTV^ 0 - -t^P—lt I S PCDtyx.? • i^- — 

^SrK*L, ISP^^^.nyr^, e * 
£lfV^7* • /^^^^r - tfx^r^i^ K • if 

ft^r^iaotiiDOt^Ct^t^^o IS 

sm*i"Sfcftic/u— ^ i 2 A*#£ffLTv^ 0 y^-— h 

xl— Ifli-tn-PiX^ tele oteJztf-en^ftO I S P 

-fiiff^pop^^f/uf5:^aot, 

— ^ (ietf) w^yh.y-.^^h.^Ph 
xi/u(ppp) t LX^lhtlX^^mim b^JV^m 
fr^<5 ^ <h l:J:ot, I spcr^t^i, ^coisp 

[0 0 0 4] 13©^'^^ .xyf^f^lt t^v 5 ^ 

y -=E~ h • T^i?^ • if — 1 6 H^tLtPOT S/ I 
SDNCOffaLSrtTtV ^It I ETF(7)P PP^P h 
^^^mi-t^ ~ t ^£r>X±MCD* v — 1 8^ 

v>Sffi(c) 7^t^tS^i*-e#5c ^kH^T ^ir^ 
~tZ>WiS, ^> K • xi. — if^H(0 y h • T ^ir^ 
• a<i 6lJ:»»i-S3^ h«ttS:*»5 0 ISPH 
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3 

>b?*y h 1 8*^lWy ^ • h 2 

— 9 1 2 B^lSUT^^o 
[0 0 0 5] K • 9*tt*aEtt«ISSr^Jt5fci{) 

^s-ffi t , a»o*^<o*BEm<o#ffla>pr*s: t e i 

c o (dS&5o £fc> K • ifte I S Pco^^/ h 

? — ^jsitft- tr^fcr j^-fe^f*fca6^*fflt i s 

Pl^tt5tA5o Sprint PCS, 

Prime C o & £*<D*&j**— tf* • ^fc*lJ/K 
^SttL, AOL, AT&T<7)Wo r 1 d n e t /«£ if CO 

[0 0 0 6] gut, -Y >*—*iy h • tr* ■ yo/^ 
^fi^Y >-^~ * y h ■ T^ir^ • -9— • 
• if— tfJ*, e ;>< — /U- • ir— tf X, n > 
y • **x-f ^ ■ tf-X, *5.ktfn — ^ is? (r o 
a m i n g) St^v K • if fc*f LTtlftt 5 0 

^ >"r— >a >-£r?T 5 I SPJi^ — 

mmtihiaz, m^n'oy—m s p^«to*a«>r^ 

#5 J: oiz-f&titfxny y ^ — v- 3 i sp{c*tb 
I s P«cnb^f*^ffi«*— tr^SrttoTfi"^ 
<9, tLt*3' M7-^©>f V75^ h7^f 

h Miitsr^!) > • if— tr^(o^^=f y 

^irx s • :/^-Y^<— h • ^5/ h 17 — 9 ^ p 

^t'yf^, l 1 ^, if— tf *3j;tJ? 

Sct#-e#5c I s PfiJ; coif— tf*£ N 



(3) 1 - 2 5 2 1 8 3 

4 

[0 0 0 7] 

V, -794 *<*-h • 4 ^h 1 ?* y his *y 
[0 0 0 8] *^fA(7)loW|Mlt ^t^r^ 

COPfltCtfffl^X T u n n e 1 z. t X* 

IXTunne 1 ^^^)V^^^^>Z tX*h% 0 £b 

aK— b-t&fctb\ZU^ -Y 2(D b>*V is if • hn;u 
(L2TP) Srifi5*fb"t-S^i:T?*>S 0 ^l:t9lo 
coi^jfi, p p Piiffir r >3 v^lfet^i}:, 

[0009] *pj^io(7)iifiia^^ t7- 

— ^ii, iN#®)^^Lir>^ — , ^h^e-^a^J:^ 1 
^rAtxy k • ^^t^ Afi-f— if^ jy h • y >-^£rg 

*LTav^^^S!^ttS4^Tv^s 0 ^/c, :^^h7-^ 

^ (iPP P^— /^^r^^-^, P P P-9—s<fatb^^ K • v- 
• 7^A(Dtf|;S»^(:j;oT*^t;Ht*^ 

-r— h • y ^^ist-xy k • ^f^i^it 
[0010] 

(DMBf—? • y >-^_b-C N ;<—^-rsu - ^^^-<— h 



332Dooo4 $\mm • 



5 

.fctf^-f h • 4 > h?*y mc*h-£ y ^e— h . 

— h • if- tf* • ^p/q^urn^t^ 
^ftcDv^^jM- £oTS{&£tLTV>£if— tr;*j&s 
. ^ h !7 — ^ • if— tf^SrffioT^v*— h^J: 

if'^^ipto^ v h£r^M~rs$£#££tif # 
— h"fS 0 t©* y h !7-^ ft* y • >f y 

LT^5^-f^^-^7hi«o :ti^ryy^r 

if • ■"<— ^OTWW7 ^ir^, *5J:Wyh7^y h(D 

[h] ^ffi^ztixh^mwz/^x . xs/y >r— v-3 ^ 

T • V ^/lste£r$*:<D±X*<DH. 3 2 3 ftifO^flB 
[001 l ] ftiKTM v^— h • y h • T^irx 

<^#«£>I9:Pg{-fc5 t^O^ LTfl N POTSfe^^I s 
DN, XD S LOT ^"fe^^*<5V^TV^5*UHHHfcO^ 
^t^r-7 7°'T^t^, GSM/CDMA/TDMA 

K£<5v*rv^M»@&£Sig!T ^i?*, gsm/cd 

MA/TDMAi:I^^TV^iI/^y h^W^MT? 

✓f-<— h-^^F t7 — n — ^ ^-tlr 
-Y n £5cfcU^— if*3j;t^if— tf;* • y<£>BIIig<7) 
^,£i-*f-rsif— if^cofiSttt^o^y ht7 — ^ • if — 

[0012] flAilff is**rJ» (PCS) 

KliPSTN^ItLtfl$t-t^6«(7)tI[HlI 
(7) t e 1 c o s tcJ;o-C*«^tbSif-t^^^-r-5 
C t^s-cgt £ s aWR'^s/ h^tft-r — * • T - if 

-f*&j|{fc-c#5 «t 5 ct5o l/t, *M»if— tr* - 

/n/M^§^gW h • if-tf;* . y 

<Ki*it5^ ^l^/cCt), ^— ifi-^J-Lr^^ K • ^ — • 



(4) 1 - 2 5 2 1 8 3 

6 

is K<Z)if-t^^Jl«-r5 0 

[0 0 13] ^>-^— h - if— tr* . /n;q^ 
fca&ln, *^x^Af2-r V^ — ^ 5/ h • if— tr* • ~7u 
^tft t e 1 c o s ^V^tS^i^t^^J; o 

. Koif-b^^^x-if ^^e^< t 

e 1 c o s fc»-J-6T^-fe^»AfcJpj|e-c*5 i 3^ 

S 0 

[0 0 14] *»KO*>^^Afi|fefttt^*,9, -r^^ 
-t-^'f-h^'/P^m/^, ISP, 
>^— ^s/ h^fcf4^^-r^<— h-sOVy^yV-T 

^ y y . if^t^^aiv K • a. — if tc^J-LTg^-rSif 

-tf^ . ^o^>f ^ictm«*tfcb+^r«BttdSfca 0 

y V • if-f^Srffi^-t-Slf-tr^ • yp/Wyi^S 
3lKS:tfc&"t"^: i#-C£5tfS, y Ny — ^ (dMB 

<Dt$&&f&<D i s p^/cfi-^^-r^— h • >r > h 

[0 0 15] E12{C*5V^T, xyp- ->XrA3 2 (/c 
<^ ^L^\ Win 95 CO/-?— V • n > fcfa — ^i^S 

^ ACiotxy K • z/x^J*&mfoT?±xfflffl (MA 

c) ©7 u— ^Sr^r • y 3 4±-eaift*5j;ws« 

H^"C*)!3, -t LXtzb /u— y • h^^-^^v 

^(48 0 2. 3, iflffl'>!ir;l/'^, /<9 ■ 
^— *fctt I SM«|y >?tj:i*<D^gt<D 

H^iotffiot, ^-— ifcop ct£#LTSMJM- 5: 
fc^s-e*5o ^rAli^^^hy^fc^PCM 
^ C I A^7— K-efcs^ L< , ^yy^byycD^ 

^tlf)(iMAC7^A^x7' y>^ 

«T>Tt^Ixf:7^^hy^ AClIUgSt 

^ioii^/^ if r**> o r t J; v \ 

[0016] j£«<7)4c*|^7x^u— ^#3£*JB3 6 J: o 
TSfft^tLSo S±fe^3 6fil 9 9 7¥l2fl2 6 0|i| 
ll^^[S#f^ttSlI^0 8/9 9 8, 5 0 
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T 

7r^|:J;oT|Wo il^teu PCS 

^~i?WdLfrh, ^(Di'X'rJ* (D&m&l&'te (M 
SC) 4 0 CMt^)^^ K • AO h 7 t ^ ^ 

W*ISi|*Sfctt'V>f * pSR/*^* — (b a c k h a 

ui) (igiS) ^^fy-^asltv/i/f/L/^^^ 

tooi7] ^^f^iixr • y y^<DMAC^J; 
r/PHY (ft® Ijoio^fiN^^^y^iiBSt 

/Kip) »*4rs> h^+^^tt^-eisi^-r^r tas-es 

4 0 (MS C 4 0) fC*3^T, ^ h • ^f—$ • >f > 

^-!7-^r>^«|«g (IWF) 5 2^ ^(D^yYV- 

fiztt-tzmBiyv ht^o i pa- 

— ^ 4 2 teMS C 4 0 ^/n^U y ^ . >f ^ 5/ h 4 

4, «>fyh7*y h46ifclW^- 

a, i wFfcitfr^^f^ y?/^ ^ is $ v y • * 

— 37;c — fflv^^^h^ (AM 

A) <d¥V • uxi — K • ^^-—-7 K *>5 Witt 
S^fl&Ojfi^J/^tf y >^ . 7t-^y hT% TCP/ I 
P (h7y^#-h9J»7 p Ph3yi//>fy^^5/h • 
h^^^/K— hiTJN-^lf*^^^^ (El 

[0019] ^^h^ — ^CO^O-^^^h^^^^^p 

p p (#>r >- h • - WyF-^F tr 

^^ x y K • V^t^ Ai^^f UTt§#^"t"-5 0 Wyh!? 
— *J*. (1) K • v-^^A^^f-r^, p — ^ >^ 

(^^MI^^a i— - i?j&sf(jffl t* # s if r ic -e t p ^ • 
^tfi) ^«tSH3&^l»r^-fe^*3j:^ (2) is 

■9— br^Sr&Ki: Lfcivfr— b^) Sfcte^e^-f • * 
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[0 0 2 0] K • v-^-^A^g^co^^t^ 

IWF (^0-^ — 17-^^ 
PfflM) K • ^-"f t P P Pt-^iifiz) 

tf^ • ^u/w jzoT^fd^nrv^ isp p p 

20 F5t ^ ^C0*5-tf>< 8 0%^C^r^y^t)©t 

— f-*5»tS h7t y?(DMm&mrt&o 

[0 0 2 1 ] rn>- K • V^^A^^y-^-f • If* §: 

— ^isy-y— tr^ (i-ft*?*>, 7t-y>-^7by 

(^ — A • j^y hy — ^fc5^li7^— y > • h 17 

^ h — ?(D&W)&i&± ms c{^^vz:sn^^— 
^2 o%fctt IMfi L&v^ir^fflSixSco^, 
St^ft/Mk^ixSo f-t^iri/^iwF^j:tftl 

40 &\s^femZ^>-t 0 ^ — ^7ist5 r^itt 

^tttC ctot, XTunne lcOT'n h 
*CV^ h ^^/U^ftiJI/N^^^-w- t ^ LTV^ I WF t 

[0 0 2 2] L/6^L, fi|ffit^77^yr^J:0^ 

7*—V >MS C<D*p(D7 r i/ V "r 4 tf>£> 1 0(7)7^- — 
t7 — ^(7)^(7)-^— b 0 ^. LTV^ I WF Srf-t 

fc>*) ^jS^-rs- bfcx*%& 0 —fete, ^AiwFii 

50 bt£%>&, f ^b7LT^5 I WF^xy K ' ^>7f A 



332D0004 mmffl • ^^P^iJ 



9 

[0023] SJft^iiiowr^t^ • ^ 

y^j icio-cr^-t^ • >- Mcwinstb, ^<£> 
-^-^r ^-fe-x . ^nm^mcmM^y'tm^ti 

T^-fe^ • ^yc^tlT 1 ocDT^i?;* • hSrii 
[0 0 2 4] *38W^*5V^TI4, K • ^^-^Att^ 

ttrv^y^h^^r) ietfi 
y > • b (fa) t^fa^o - 

^✓■W/u i p^^* — y > - ac— h t lasfca* 

[0 0 2 5] Sll^t^yp^^Ijlx^- b 

t t , «oajftO>f — !7 — *>^««g*^3.— (IW 
F) (UBS fit, MS C*3«J:t^*Sj|»>'N^<DiP5j^^*5VNT 

^^rACTLT I WF^rSij«9 3T3 0 5RSW:*3: 
yK'^fA^LT, lowF^ (XTunn 
e l/Pb^^Sotl^) ^3l»Ja^ + <0*fj»^^ 
c^l^^-fe^ — (MSC) <n$*<D4 — V — 

?mm (iwf) tomztkjjt&ti* :©hy*^x 
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V K • i/^T-A ^ IWF t^ffl-CP P P V U — A^fei^ 

[0 0 2 6] -C-e&^tLTV^ J; 31-. XTunne 
1 (O^P h3;Wi7P-eJiH:J;otPP Pf-^ • 7 

i — Aco-f > • ^^ry^(7)feS-(:^{|ftt§yp ha 
/u-TfcSo :^^Phn;Hitsp(Oip^yM7-^ 

_L, *>Sl*M\ ATM7- * • *y M7 — ^^fcJi^U- 

y — ^fiT l ^fcfiT 3^y >^^s<5< - iiS"t?#, 

oTt> «^y >^i-S<5< - idSt?#So XTunn 
e 1 coy°o h =i/UfiL 2 T P (I/^;U2(Dh7y^*- 

* Lv^^-y p v'3 yt*5 0 
^ [0027] ^> k • isxrAitDP p p trr (-f-?i^ 

I s M7 — ^jcfife+sr irds 

tt^ 0 PPP^T^IWFCBSLtl^^, xy 
K • v-^-rAicf^iHSco^ >-^— b • r ^-fe^^lS 
«^tL6 0 PPPtfriV^h?*^ hSfclil SPi: 

Z>o 4 y b 7* y hifcfi I S P(DT t-tex&y-tf— b 

-t&fztbl^^ i wFiiwt2 ^ h yy^./pf> 

(L2TP) £rf$oT-f >- h5*yN*fcliISP 

£7)pppf-^i:gj|t^ 0 ^yhy^^MSPop 

P Pt-/^S^^P)|±, I WFfi^^y h V — V • r ^ 
irj^ . i^-/^ (nas) c?) J: 9 (c£x.6 0 m^K-i >^ 
7~ IWFi^PPP h7t y^li*»S<0^<75 

[0 0 2 8 ] j^co (T 7^ • V >7<D) ^fti^l^T 

fi, K • v'^f A^f) I wf l:*HTtei^5 p 

pp^ ah, MAc^i^x/ • y >?_tx*mmm 

lZ.MlsXmbtl& 0 SiitiXTu nne 1 7 B P b^/U 
40 ^ttot, MSC(O^OIWFiC^fC^tlb(?)7l/- 
^^^tt^o I WFtt*4xe>Sr«iacofc«)jrp PPf 

— m&-t& 0 4 y?—^ v b • T7±7(Dm^, p 

I S PSfcll^y h7*y h • 7^t^W»^ PPP 
WF^W^-^2C0 hV^y y^.^n^/^ (L2T 

p) Srtto-c*tb^»*is-fSa «*rft (y^v- y>- 

^) tC&V^-m, PPPfw^P)^PPP7L — A« 
XTu n n e 1 h^yU^j^oT, Siti!^(C>GtLT I 

5^ wFiaotfi^So iM^^y ♦ yy^ • 7 
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[0 0 2 9] ^^Df^fW- h-T^fc^iC, a> K 
^■7tc»-t-5*sK— h^^titv^o MACiiiSl 
mte&Tf^l/ K • i/ ^ -7 _A <7) cfj (7) ^t^r^fl V h 

^^fit: o TC0P p Poi^^^^^^it/L 2 TP 

So K • i/^rA^ 1 o©SiS^f>SiJ^Kil/s 
*§£\ *<0*Lv^X«JSi:7G0> I WF^ffli: 
flV^XTunne 1 flS^fiRS Jft5 0 ltu<£>^*^7^ £ tf> 
lt©XTunnelttll!lSh5 fl PPP7l/^|« 

o*fbt^!8l»* F7y^ri/y hi^ilii-r^c fc^ft 
S 0 

[0 0 3 0] ^©^3/ h?7 — ^tin — ^ V^^rf-^— h 

\) i, . hr7— p-au L^t-y— tr^S:#5 

fcT* • /p/q ^^^xy K • i/^fAW^- M 

[0 0 3 1 ] m 3 M*5l^ n-ALTV^xyK"> 
7rA6 0 — V y&M^ — tr* • yn/q ^6 2 

L^L, p-^Ltl^xy K - i/^^r M 6 0 te/^ — .A 

So **M{-*5V>Tfl, * — ^ 1^ feT* • 

ora^—y ^co^-y— if* • -fus^ye 2 
• y y^±-c7*-y ^<7)#Hif— tr* • 7"p^y6 

TV^xy K • \y^"rMQ 0^bS*i6 4 &mCX7 

y >-(D*Hi^— t:'^ • 7 p p^^6 2 0>u— ir* l 

tl^ I WF 6 6 SraCT* — tf* • 7°p 
^ 7 0 I WF 7 2 LT &S 

VM**~^<Z>ft|jj&1f— If* • ^P^ ^7 0 (7)* — A I 
WF 7 2 b • tf* • 

^7 4 i^tttts^i^ t>w^"Cfc£ 0 
[0032] i -r 37zc— ^^imti^t- tr 

Vtf- b-tZtz&blZ^ i,|f-h^.yp/q^ (WS 
P) <nmmcM<>X<nm{mcotcfr\zmt>tiZ> Q ^(D^iy 

? — 7^ — ^\-±7*~V XDWS P t 7^ — MCOWS P t 
(D^X=^> K • is Ms (DP P P 7 ASrBSEL* 3£ 
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[0033] r^ - y >?jj\tn&£zfyt7^ • 

^*[b]OP P P ^ xy K">^7A^)^-Ai 

^P/W^ (WSP) £i§L-C*S2l£*l5o f^*pi9 

— > 3 > • ttjKtesisttSo ^-yy- 

OTS po^Kift^te^^^—y >- • *y M7 — * 
^olftiliP PP7l/-^?r7t-!i >WWS P<7)# 

ib^ijiir^^— o^-y— tr* lti^s iwfwlt 

70 i£ff t~S (^fc, PPP7^A|;7t-!iyOTSP 

^MtoiEiJl-fe>'* — (D^co-y— tf* lt^s iwfk 

• v-*t^cdp P P 7 ASrteStSfcfelc, U-fir 
2 <D b ^^tftoT*- ^ I WFC^tlT I -f — 

*±T*gagH-£ 0 y yows PA^COU— 

tf* LTl^S I WF|j:gS(Df:45(7)7^^7^ ^ • 
7^-^^J|Xit§ 0 ^-A©WSP©fW^IWF 

So 

iY? [0 0 3 4] 7t-!J >(7)WS PO^Of Lt^ 
S I WF^iC^fA^Oli^tll^^t, ^rtt 
^JzoTXTunne 1 Sr^JCtSC 5 e 

[0035] ^m^^— x<nffl\z, s~*—y >^ws p 

(D^ — M'^^y h7^^(D7^7>7^7^ ^^aS c - 

30 Wt2©Fy^XTUNNEL(D^P h^/l/^fj 
oT, ^<Dmm^}t^(D^-— fcTj^ LTl^S I WF 

^y^-7x-^_b^f— c^LT^-S IWF^-A 
I WF icOWIil^fifcSttSo ^-AlWF|iL2TP 
(l/^;U2Wh^;l/' /p ^f^oT, HtttBl 

i(:x> k • ^fi^^P P P t°7i:iSt^ Q K 
^-^cora^. I WF t L 2 T P<D b >*/U<Dutr 

s i wf ^orecofltr^ N>*7W38iJBfc£jft,3o ^yK- 

-If^LTl^ IWF«gtfc5»^ ffL^h^^ 
/U^^tDff L^U— tr^, LTV^ I WF sfr — M I WF 

I wf fcTfc— ^ i wf k<nm<Dm<D h^/Hi»J»*n 

So 

[0 0 3 6 ] n — ^ y^f^^— h-rSfc^id, i-r^ 
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a* a be, «»*3<t^-^tei^«:*7K- h-rso mm 

*5<tt>*^^C0f— tT^tt I E T F COR a d i u s CO^u 

-cp p P7^tfiist5fc^7 f - *teai*— if* 

tt, I - XT u n n e 1 f> n;USrf ott^- h * 
*x£ 0 :©^p ha/Hil ETF(OL2TP^P 

[0 0 3 7] ^^RKlC*3V^Tffi^fc«t 9 * — A 
I WFIixy K • v^^^CO* — A • ^5/ hy — ?(D*p 

LTv^^*-— y >> • * y hy — ^co^co i WF£3f 
• v/^fA^^- • *y h y — ^ co^ co3£®iJ— 

fgu 7;*— y ^fci^fflssj*:?*— y > • 

[0 0 3 8] h*7 — K • VXriNi^ltS 

[S^co, *5±tflbfi<Jft I P7 KU*»J9 ST<z>P5**r* 
tf?— b"T^c %*SJlS^5^*5 I P7 KU- 
^2ofcS B <n94 K • i/x^Aco^co 

4^ — .A • jjty h!7-^rtT'CD7^7 : VT^r^-t:fc5 0 
wtl^ii u s e r@d oma i n <i:^ 9 7^—^7 h CO«t> 

-f/u i pco^-etttoix-cv^s^— a i P7 Ku^^iiS 

ftot^So SI 2 COT KU^liP P Pcd I P C P7 Kl/ 
Xco^^Z/jl— v-a V • ^nirx^r^S Lt^y K • v- 
^r^l:*f Ltat) St&ii5 I P7 K^T?*5 0 * 

^rixfi^i: ^ t y 7 r ^ nfc K> ^ y « t fc 5o * 
CO^ — A • T Kl/^COu s e r <D^-?7 4— )V Kfi^CO 
* — A • K*>f vco^-eco^-if Sr«giJ-t5fc4f)Kttfc 
tl&* if* (User - Name) fit <D K • 
V^rA±joi; t/M S C \z & tt 5 ftA^T"- * x d 

sfc*^*^^-— if^itLTWfjs-cfcnSo if* 

cO K*>T >- • -9-77 4— >v Ktt»ft*5j;VBBE<©aW^ 
fc<£>, p — ^ v^BB«*5J:r53iJ% — ASMHf— /*«r*gij 

if*coft;b9 Ic, gUco^^ — ^^SttSiJ^SrffioT^rco^- 
— if CO/fc' — A • j^5> h t7 — ^ joctr/^-CO^. — IFcO/Jn — -A 

as-et* 0 rcoa&SUT-te^> K • ^fA[:J:otl» 

[0039] ppp iPCPfix>K'^^f^l:S 
t6lP7 K^H^/x^ h-t-SfcfefcftfctlSo 
I PcO^^^-f^r^. U — v" a y^nh/HPCP?: 

PT K^«i^ N-T^r fcdS-et 5o 



(8) 1 - 2 5 2 1 8 3 

14 

[0 0 4 0] • T KW*fc LTm&ik&titz^- 

if*:7^ — t\> K«H£V\ tUlPrK^Srftbft^ 
rfc#^ UEftico^/W^ 1 p ±-e*^0^cov^7^ 
ftf+ftsaitB-efcadS, ^>f;HP*3J:^ PPPco 

S»-8^ jx— if*tfs&< , ^/K^v^-iN'7K> 

fc^y M7 — ^Sr«|Bafift"f 5Cifc*s-e#So PPPt 
— I P C P cot K^«9 ^T^^ — XcDRfJ^co 
10 3z> K • v^^-Acd*— A I P7K^^i:i P7K 

1 pc pizx^xm*) ^xhtitz 1 pt puxttemc 

\z ft £ o 

[0 0 4 1 ] |2]4 JC^V^T, Ki&/^6 4*3«fcl*n.:x K • 

^f^^fc^xr • y >-^^^iico-y-^^-/ 

8 0«U ^ttf^^v K • if cor ?-&7><Dtctb 
coair • y />ft< fc 1 oco^it^ (tzt 

S1^^6 4) »J:rj«t©S*||^e,MSC4 0 (0 2) 
£0 ^(0^ft< t t 1 OCO^y ^/Jx— • ^5/ h 17— ^ (fc 

iill El 2 co 3 8 ) £r^fr 0 fcfcx.fi, 3ir^^-M 
cos±fi^(o^^*y-^^ h — ^cor— ^r^^^-^fit^ 
cof^a^t^^^tr 0 

[0 0 4 2] 1. T?±x • hmm o r^ir^. 

*V > h 8 2flMACScoyy ^^y^it/MACl 

coMig^Jt^J^^iSftf^^co^jil^^fT-r^c r ^ 
tx-^vhitioco/Ptyt (^^^^cor^y 

^-^a >H*co^^[UgS (ASIC) cojg^^^L 

30 h • yy^tiiAs 1 cizm^^tix^^m^m 
i-z&m<nm<Dffim&?titzito<Dy7 hv^T%mf-t 

5o HI 7, g|8*3«tu?Eli 1 i^BH"t*SRM*#fl8$ixfc 

V\ r^ir^-^^>h (AP) «MACl(D7l/-A 

,«L, *fc % -^cOi^^fT^o MACSC0M*f+ft*5ctt>* 
BliSfttt^^cO^jlE^A PfCioTffitoiX, APJi-ttb 
^ttcor K • 7 4 • v" — ^;H^xy K • iy^^- 
in©MAC7K^iZ)MhS:iil*t5o A P liMA C 
r KU^^^co^ — T'/KcSftttl/^x^ K • 

ii»ttiPiciigfj-Kjt*nxv^s 0 ^co 
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mmz±/u • f-^r ^(c*#LTv^5 ^n^* i e 

EE 8 0 2. 3Wyy^git»«in^^S 

•#-f>h ±?? — }£tz*)\c 1 o) tfsfi&fc 

[0 0 4 3] 2. ISIft^:/tf>;»ffi 0 «j|»/N^8 4tt7* 
y 'X-^^y b (FA) <O^JI(S x ^s^aft— 

<fctfx t u n n e 1 0>*IK«r3lfrt-So 1*— t^^iSW 

(QOS) fctt-tZD-tf— i»A^(j:x 
t u n n e 1 tf^n h QO S JH4j$SRjfeoTV^ 

yp±"x?Hfr-f-s^ tiaotQos i-^f-r 

5*3sK— h&Hlfi-rSo — • -tr/ucD^-f bid 

v Hc:*h-5 i o^y ^ K±-e©>f — *4^s/ h 

i*t 3iiftiHij»-efci9, -etttt*!***— tr^ • ^n^>r 
/^y^^— /u0iiRir*ti-a y v^teT*— li/^ 

J* • y U — ^"7^ — -73/ t/:flATM0O7t 

[0 0 4 4] Sifi^fiOKfU^JfcO^^ ^coir/u • T — 3r 

^ >=2km) o -frtl^^T^ir^ . ^ ^ j. 

(13 4) 0 T ^ir^, • /K-T > I E E E 802. 3 
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[0045] 2. y^h^Apr-^T^fto y^ 

(D±/U . M>£>> MS I WFKgM^-fSfc 

^^ii^M^tt5 0 y ^e— h<DAP b&M^y* k(D?$\c 

TIEEE 8 0 2. 3C7)-^-/ b ^rf ot^tlC 

Hap ti*5ffliST*«i*i5o 

^ [0 0 4 6] 3. g^I^APr-^rf^fto 

T 1 Sfc(ii«©#Htttoty h©APS:SS 
[0 0 4 7] 0 5|in^;K^AP»tSrfot^S3 

8 0 2. 3<DV ^^"e»jtt$ttTV^o 
[0 0 4 8] |6 fiSH»» 8 6 £{£o T*tj»^^ 8 4 
f-S^£tiT^5 y hCOT ^ir^ • ^K-r > h 8 2 Id 

h (Bt^R- AP) \z.tt-t-&7$'{ is h • s y— • 

-^jv^if^y h^iiy^ • y ^^^s:ti«f So * 
y l-c«h»^^ic#ut*3I*s*ltv^ y ^E- 

[0 0 4 9] ±fB^ir/P • T — 3rx^^:fc«fctF#-fc/U 
50 1. 7^t^ • /f >f y h^MACg^y y v^t LTI 
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£ 0 n — jj;U<DT • /tf^ > K • i/X'rJ* 

[0 0 5 0] 2. • > h ^MAC/gcD 

Acyy ^^y^^r^Tt^o 

[0 0 5 1 ] 3. mM'^&m%]\Z.8 0 2. 3<Dy>^ 
[0 0 5 2] T 1 $fc»ft-#<£>P — • 

wyy^*fcli*tS(O8 0 2. 3^7hy-^^g 

ot^i^i^ntv^o y hcOT ^ir^ • tK-C 
[0 0 5 3 ] 2. ir^ ^S©7>rt«: 
[0 0 5 4] 3. «j»^^^*jttS*LTV^5#T^-fe^ 

COMA C T K^W7>f/^ • — ^USr**f<^ttHB^ 
fTt- Sfcfe left Jd*i 5 e y A c (7) bb%(4- ft* 

-Y ^ h^MACT • ~7 4 )V$ • X—yOH£ iiflP £ 

[0 0 5 5 ] 4. SSH^z/CO^tf}:?^— y ^ . 
^Filxtunne lW^nF ^^^rftoT, T ^ ir ^ 

• #4 > b tMAC(D I WF k<DfflX*7 -^Sr^^-f 
5o MAC COT KW* • 7 >r ^9 ' f-y;Kl, MAC 
r K^tf^^r- ^/M£#£Lfcv^^**;* hOM 

frtl&o AP|j;»(CMAC(7)yn-K^t^ h • 71 — 
Tl/^MAC7 MA C T K • Z? ^ • 

[0 0 5 6 ] 5. ^7/UCOT ^-fejx - tf^ >- M±AR 
P£{$oT\ I P h7h^^^l^^^LtIi]ilt 
5/:i6(DMAC7K^^t5o igfc, a&iH^W; 
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feCi)ARP«5o udp/i p^r^t^.^y 
[0 0 5 7] 6. T 1 SrjRabr»«*ttTV^S y* — 

<a«\ -tcoy >-^^/K-r^ h • . tk>tv hoy >^ 

[0 0 5 8] 7. Y*7<Dfr)b<D^tf—YmAAC 

[0 0 5 9] *j»#|ft*3J;V#l»APSr«oTV^a-fe^ 

1. #<»©r^-fex • /K-r>- Mi#|j»^^4:lnIC-»BfJi: 
t£g£tU tf-Ob - V— • /tf-f >h(D8 0 2. 3coy 

[0 0 6 0] 2. «&JM*j||<0-fe^#— it^(D±jU • 

o 

[0 0 6 1 ] 3. s<*y?7fr— /U - — 

[0 0 6 2] 4. S»AP{iMAClWx>K'^r 

Bi:iI^iaotaft|:yp^7A^^o MAC 
cor • 7^;l/^ • f-7>HMAC7U-A^7 

30 • T r> b~fZ>tz£>tZifct>tlZ> Q 7*u— K^r-Y^ h 

MAC7l/-AJfc{iaft^y h^tV^MA 

C7i/^n ^(ciiig-r^r tiftsffsnsc 

[0 0 6 3] 5. »iAPIURP^otIPh7t 
5/ H«r»«APtc*fLT|Hl^-t-So UDP/IP^S 

[0 0 6 4] 6. m&<nm%$Lftm± ? \z.m*x\z, 

SrffioTfirfc>tb5 0 ^tt^^MACS^^JIK^rffio-C, 
^ K • 1 o(7)7 • >- h^i^SUcor 

ti^MA c t • y 4>v9 • t 1 — ^/w^Mffi-5c 
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ir* • sK>f > httMAC»±-e2v^^ttj|[SSii(S-f-5r: 
[0065] 7. KSft-rs^*— y > 

. rc — v?^^ Hi x t u n n e 1 :/p h ^/U&rfg oT^ 
HA P tM S c t u-^^tiSrast* o 

Lfc^oT, ftiAP[:#t5 7t-y V - 31— 2^3: > 

M-t~^^>- K • i/7"f J*<r>u>r~ 3 >f;iol JSMfil 

7 j^zmit -f&fctbfc, MACloT'yy^y^ 
tt5it9I*»M*AP^jlEtLr7 ASrteai"t-S*:H-e 
&>& 0 T • 2K-Y > hli-ttt-Ptt^MACT 

• 7 • 7Vu^#Iltt^MAC7l^~is^ 

MAC7 Kn y^-TS)5^V^i*n^S:fT5o ± 

fEc^J: 3 MAC T Kl^^ • 7 >( )V$ • T-^HiM 
ACl^§i»M*5J;^V K*7^3MK«r«[o-C**r 

MAC7i/-Aii^*^*^ • yy r^itt 
yz/t±s 02. 3 6oy y^^ffiotiiA^wct 1 ^ 

[0 0 6 6 ] 8. AR P(i y — V <D~T 9 • 7$s( 1/ 

v\ T^-tr* • #-Y > MiBOOT P^m&fcoXMB 
^©MAC7K^*ft£t5o fflSiKU^tey 
h<7)T^1?;* • V h ©MA C T H>^CJ;oT 
«/&£tl£ 0 UDP/I P^7^t^ • WVh^j/ 

[0 0 6 7] ir/U • f->T h^*3Jt« I EEEfPS 0 

2. 3(Dy > ? &m<7m&<D y y^iaoti^Ms 

[0 0 6 8] EI 7 ten — ii?V<DT y"te7> • ^ V Mc*t 

APteftMj^&T*— *&a«U ^ti^MAC 
A (MACS) ^feTWSy^-f <5 0 #cK, 

M<D7*—^?yV (IEEE 8 0 2. 3CD7^-— V5/ 
h) l:S^y^Sn> -Y— I*"** h • V >2 IT 

7^— ***&«i^:/a>k-*rtf>>Y — f-^ s; h . y 
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ftlJ#P (MAC) <D7 3r—?y Y\Z.'<y 2 L s ^(7)MAC 

[0 0 6 9] 08 f£*5l^TJ* N B| 7 <D^Zs K • i'T.'fJ* 
t<Dm<DMACi$£TfPHYmte, V"e—b<DT?±7 
• j^-T^ hfd^-TSir/u • i^>Y b frft-rz ft1fc<Dtzito<D 
MAC^oiOTHYfaotttii^ll^o f¥L< = 

S - t ^Sf* LV\ 

[0070] m9tes<v?*—jummt})*—b<DT? 

^^7p hn/u • 7^7^^Ltl/^ 0 y^E~i> 
(DAPlcMlr&ifrmteV h(DT?±7 . Ttf-Y > h 

h"f-5fc*«Jt^ieniT*)5 0 y^e 

20 YJHttaK-f > h • • -v/Ufrtj > b<D ] J 

[0 0 7 1 ] jmill^^tty -=E~ h(7)AP*5«trJ«^5/ 

h!7-^(D^ft^mir^^- (MSC) \Z 
MLX^]) V-J-t&o mB^7*<7)tp(D7fxi h • 7? 
y ? (IMS CiC>ftt5MACjoJ:t;PHYOl^I^ 
L, ^-©Sco h yzf\Zte I P (>T * y V • 7n h 

h n (Uni versa 1 DatagramPro 
t o c a 1 ) \ II^^-fTUDP / I P tm$tlZ>) 
tf^mZtls UDPlOhy7l:ilXTunne 1 
p h ^/^SUI^jxxv^o ^^XTunne 1(^7p 

7*— ?y Mi^etry ^^©^^ (7ti:x.f±\ ^e^/v 
I P(7)^t^J: 5^) ^J:t;i/^/U2(D - 

h^/U (L2TP) ©fiMSI£^ti> 0 XTunne 1(7)7° 

p h ^^fiiH^^bMS cic^tLriiff-r^/c^), 
<z)-Y^^-!7-^^^«fle (iwf) ^w-e«toixs 0 

[0 0 7 2] Bl0li:ii, y hcOT^-fe^ • > 

y?&~/u\E}m\zMi-&^^?—7zL—7> mm^t 
Lr^^nrv^^) fectr^y ^e— h©AP t^iAPi: 

Lt/T^ntl/^) tiiiti-a-Y — 7x- ^^r^tp 0 
«lil»^^«^36*?jtt, #»AP (07*3^^1210^ 
/T^tiTl^) ^HR;cfi0 7«c^$^xTV^SAP(!rR 
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[0 0 7 3] 11 lClt P^/UAP^ftotl^t 
— ^*3j;l>\ 3^ K • i/X^M* (AP £ L-T^^tLTV^ 

5) l^t^x/ . y ^ . ^ — *&^fc Q 

&<*^:/0>*/£a>&MU AP (HI8 ^ctt^ia 1 1 
■^t^(Dm<D-< — fr* 3> h T*0»*| A P ^tlt^ 
[0 0 7 4] Si^^^MS C^<D/<y?7fr— )V - 

h !7 — * (i&^Mte^W-r 6 0 

i. b ^nmmmtMs ct&mx* i po 

• >r >-^— b-ei±*v^ 0 {tm-v$z>s — vfrb(Db 
3. *^^7-^iJMftttifttttftr^5 B 

[0 0 7 5] ft*WftiSffli^*5V^Ttt, tfX • 

[0 0 7 6 ] SifiiMS C iriifB t-5fc£>l£#:0V*:y 

1. *«JBtt#>f ^ b • • #>f v hCDT 1 SfcttlW 
^T3 y y^ftoTHDLC?:fx.f:P PPiTO 

I P£^- h^6 0 

2. laaiiT i sfcttK^ttT 3 y >^ sr«o t7 u 

3. XftHttT 1 * fcllBfJtWT 3 y >^ SrftotAA 
L 5/ATMiT I PSrl^sK— h^S, 

4. *»»is>f — h • y >^±-c i p h 

[0 0 7 7] ±|BO>Y >-^ — :7a: — ^COf ^"Crt* I E T 
^MS C^^T'ftot^i/^*^ • *y b V — 9 (Dm 

[0 0 7 8] MACfWiTOxy K • AcO^^ 
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K • far 2»<D&»^m&. %thh&%:(D±_(om 
[0 0 7 9] xVK- isXT-J^ltttl^tinfr — J* • * 

y 1/ . zn— >?mV h (FA) ^ftot, ^O^^h 

5 0 iiu#<£>4irg\ FAWWxyK-^T^tD/t-A 
10 - *V bV-?<D^\CtbZ> 0 '&m<Dm&, FA&7*~ 
}) > - b7-?<Dtp\Z.foZ 0 V^tt^»^ic*3^T 

y M7 — ^rtoi WFSrTV*— • 

XrfcS) ^Ltf ^>o xyK-^rA^P^PPP 

y b V — ?ft(D I WF^mmZtl&o ^L^K-v-^x^ 

x t u n n e 1 h n J: o T \f.&fc 

20 mmzti&o iwf ^mcy— ^(D^commmt 

a*^t>t 5 c i ^-e# Sit |:S« S jift ^„ xyK 

^7 — ^ O^?)^— tf^ Ltl^ IWF^Wy^7x 

^LTV^I WFfiS*^ t ^ — A I WF t cor^r*^ U 
-A?r^it5c ^ — -A I WF £rp] — K Sift 

-AlWF^f), IrIC I WFcD^^Kft-t-^Iir^x^ 
5PPPt^|:SU, fc^V^iL2TP7 5 P hn;l/ 
30 Zm^X^^mfDV—sMzMLX^r — frtmin ^n^c 

tf, isPStfj;M^yh7^yh) laotW 
3 ^asjg^-ci^KK ^-^iwFtpppt-/^p 

S 0 L^>L, [rIC/^ — A I WF^Jctt/P P P i^* — /^7b*$t 
40 tfXi&m&tl&o ffbV>x t u n n e 1 rt^OfrL^F 
AMWFt(^ffi|:t^§tl, m<D7*— y >- • m-^ 
xi/ h I WF £(£>ffl<7)x t u n n e 1 ISflfcJgSft 

So 

[0 0 8 0] gj 1 2 |i2oOxy K • ^fAAfcii; 

*> =^ — bV7 — ?&mMy-—i?x - y 
(WSP-A) tfc^> 0 loCi^K*^ 

(7)01^ K • ^fAl^t^- y !V hl7— 

5^ Sii^nSe ws p - A(D^^7t> — ^ i WFiiiSf^co^ 
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< 0 K • v'^r- -Mcfcf Lt, V s — 9 — A 

IWFi^LTfi^tl, ^©^-^IWFfil SP - 

^j*(7)^> K • ^7^|^i: i s PidDALTV^ t 
f£y££ft<5 0 *5T4v^lt -^GO/ft- A I WF fcS'J 

[0081] iit-t^ • ^n^-f y<D*y b y—9 

F*3"C. I WF k<Dm<Oy*—9&x t u n n e 1 

:/p h IWFtPP Pit— 

i:WW©7- 9fe 1"</U2<D b y l/tf • h =a/U 

(L2TP) £{£oTj$i££ft£ 0 It- t^LTV^§I 
WF t* — ^ I WF — I - x t u n n e 

[0 0 8 2] *«*^y ^-fc*5V^-Ctt, H>£3!<£>1t— 
tfX&m&lrX^^&^tl^tKDft — J± - *y by — ?<D 

[0083] /ft — A • ^ y M7 — 9 (D^(D 1 OCO I WF 
Sr^icft? Cttctt, flmfcfctK 4c^fc*>5 0 lo</> 

#(aot(iy^ hcD/ft — a i WFi:^T*f[:f« 

ftt^-c^it^ir— tr* itv^s i wf— aitj N -tft 

^LT7i7^>'7^ v^if«S:J5{i y 7;^>f^W- 

S v n pj ffitt <£> *> 5 £6S£ b o T x — * £r 4 1 3 
[0 0 8 4] irx.fi, ^^fefi^P-AtS^. 

-f^I'&Sf^X.So if CD/ft- A - M7 — 

v-^^lcfcoT, ^tcd^l — 1f^#^cfc£*&||iJ-— 1 ^ 

Ttt, r^^7— • /tf-r > hiiv^^^fe^Tft— i wf 

fcfcs* — I WFli^^|;fc5a-f^ i s Pic^ 
tt^o ^2©M-(:1t ^> K • ^7^©a- iffC 
I S P^fijO ^XbtlZ 0 L/c^oT, 7* 

§Mii<45 0 z<D$&2<omtfLiz&\,^xte, it— tr 
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[0 0 8 5] 0 1 3(j;S2^i; h^-^fM^Lt 
V^ 0 dC0El<30fpT% x>K-;/X7^A^J;^BtO^ 

^AAte-tO/fc- i» I WF £rT — • > b t IT 
ttotW-i^ • H7-^^f>S»U -t LT I 
S P(OPPPfw^ffiottW ISP- ACSLtt 

^•^^hy-^^^lll, f-tf^ttV^ IWF 
^{$ffli-5 0 -t© I WFilTV^— • stf>f V h t tti 
-t K-WA^IS P^^ttt, * 

©ISP©PPPf-^(toT)(«t5. 

y ^ . h !7— ^a>ibtf;— a • 4^!7 hy — ^i-^fL 

[0 0 8 6 ] ^(Dffi&tflE1%\zmft-tZ>tzib{Z^ ^(D 
^ [CP— ^ >'^fg|9d54Jtntfft&&V^tt'T*ft< , ^C0 

^^-y v«E$H--hf* . 7*s<jjrk^>> k • ^>^7^ 

9 1 * H i? ^3 & «g A. -C v * 4 it ft lift fb & v m id ^ T? ft 
< , #S(Cfc5WS P fc^^a-fo^ rf^ I S P t 
* : II^^SAy-CV^ft^tftftV c^ ^-r N J£ LT#^iCjoVN 
^'co I s POP p Pih— /^CMlTT^t^ Lft 
^ ttftfift^i", fo^V^is ^^a-f^^^ISP 

Zu-jj^teitii^ i s p ( t* : ^^^S^Tv^ft^tftil 
&bftv\, ^^ic, #»fc*>5ws PttA— if<oBBE*5 

^^tt^ic^^-t^ c i:^^#ftitfttfft ^ftv^ 
[0 0 8 7] -Y >-^- h^>fy77^ h7^tt • 
tr v?^ ^ fc # A LTV^5 ^±(C tot, ^ ft 6 CD W- y 
^(7)-T-<TicMLr I ETF^^ottSjaejft^apSrjEL 

>^ f>y-^©^(7)I WFWC/yjf;^ . h L 

OP — ^ ^^fC^-T^il^Oftll^^O^n h^r/ucT)^: 
SLTl^^t, *2©ijjfi«flft, fe^V^it<t#cO 
**?K*it*ftSft5'<*T?*>S„ 
[0 0 8 8] m> K • ^7A|iWPP P^7^- 



332D0004 ^\mm • ^*P0U 



25 

(ippp^TOt^o ^ix(ip p p y ^^(/)ftiw7x 

— X, P P PWBJSE^^i — X*5«tU«p P P^5/ ^ 
St!l#pXn h^/wco^^— X£^if 0 dtt^co^^— X^s 
$*fr£<bs ^(D^ly K • v-^x^^P P P£rffioT I P 

[0 0 8 9] #CO|ftM-eii % 31V K • i^^^^^^^ — 
y tfto t F A©7-f f >f f 4r*fl L, * L 

Hrii^Ltt^FAit *©»«a^&*0>sfti>- 

WF > (7t-!)>'WSP^t©) f-t^LTV^ I 
WF b<Dffl\Z. I-xtunnelcoy y^Sr4^t-5 0 
^ — A - VV — t7<D^<D I WFI^OP PPty7 

77^-'^7F^LTl< 0 

[0 0 9 o] mM&xzf&mcoy ^-xtmt>% # 

l(DPPP7x^K^ti§ 0 PP P<£>H!*&l*K, 
lOWL2TP^^^^37/5\ ^-i^IWFiM^ 

tb/c i sPAyh^y hPPPt-/^(7)Pfli^ 

P P P^^tiE^^— X|c:*5i^T, 
SEXnh^A- (PAP) £fcJi^ l^>'v ? IiE7 p P h ^ 
}V (Chal lenge Authent icat io 
n Protocol) (CHAP) SffiotPPP^ 

P PiJ- — /^^<7)j: > K • ->Xf A£07-ffV7>{ 7^ 

[0 0 9 1 ] mratSt, PPP*yM7^ffl 
^37^i— XiSR|*6SixS 0 ^(7)7x-X{^^^T > I P 
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V K • i/XirJ^lcmV mribti, flTTCP/IPA 

ri s ^T1~5£* ^©xy K« ^fi»|j:PPPSrftot 
I P/^y h^r^rcD I S P*fctt&*<7>>r V h7*y h 

[0 0 9 2] 2l"<;l»(Dim&nftZtL&Zk 

-Y x-f SrfBSEU ^LT7t-y>'^^M7-^^ 

^ V ML /c<b X.i2\ Radius (ar^ir^g*^ 
y -^coa— #/UMS C^ffiollt- '<\cM 

IT I ETFOR a d ius^X^h ^/U^f^oT^V 

wK^^^ftot, y v»*-9— sM±%:<DaL 

V K • 7" A (7) jJn — A • b V — 9 joi:t//^ — i^l 
fttw<(7)7^fV7^7^ £r£n «9 , tltRa d i u 

-r^o 7t-y yg&tw^^^xy k • ^7aw 

£\ tt(it7 P '>3 Vt LtR a d i u s <7)g*£r, 1 
o<DXn — # ;iJL S»f-t^-yp/q^ 
nyy->/7AiaotpM^titi^to) to J: 9 

^rc7)Ra d i u s <DT ^ g* £rg^(D * — Afgf 

V • ^ — v^V htD^^g*^ !Jv?x^ hU ^T(7)^^ 

— y v • x-v^xy MS^v K • ->^^^<z>««iK*Sr 
y^x^ ht5 0 Ra d i usW7^t7l*^§|ff 

^te-ttf):?;*— y > • M7— 

^^J:(;xy K • y7r^»7-ff77^ t 1 ^ <D 

* — /^fi^^— y va^i^— ^MLTR a 

d i u s (OT^-fe^JSflF^^rs/ hT'/S^L, ^60^^ — 

y yi#t-^MS$r7t-y > • ^-v^xy 

[0 0 9 3] ^2 l/^;KOBE(4>f yh^y h^fcii 
ISP P P Pi^-— s<tzM-tZ>^> K • ^7A©7^ 
7>7^7^ ^r^|iE-r^ 0 P P P(DMMte^¥ ] J 7~ 4 (D 

mmtam^. ^^y^^ b^^^-^^m^ isp^ 

[0094] y^f^xy K- 

50 ??J*XihZ>o P P P^— — J* I WFttBIi: 
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tw^fCfcot, L 2 T PI1^T*&£ tUfe^tl 

^^A^ftfotJ trr^!>>^^ ^y&mtti&itz^ t 

fcv\, Ty&^^-r >^ p— ^ >^ 

[0 0 9 5] m>- K • i/KT-MV)*- — i^aft^i — v^>- 

[0 0 9 6] 014 Cl&^T, K - v^^A (-=e^ 

MS^tf):?;*— y > • v^^^ h(7)^r • 
*~y > • ^=-— Miyp^rv'Sftx-^xy h £ 

it, 7*— y -^(D^^-— y 

it, 7 1 - y >iif - « • / w f ^) f d 
Diaot7t-y> -fV^^ hy • ij— ^cir^i? 

Ra d i u s (DT^Ir^S^^^^^ir/WfcU 
t-^HDDIIctot*-A • 1/^ hy • ✓ < 

Asgt- ^liJnA*^^ h y i-r^-t? 



(15) 1 - 2 5 2 1 8 3 

28 

I WF1M*^*"A I WF joJ:tKP P Pi^ 
— ^(C^fLT^ff-r§ 0 ^AIWF*J«fct;PPPt- 

it, I WFfflj»lSt«:*-ASfif-^Mt5o * 
td, jfc — i^H^— ^f±R a d i u s ^ * JE^g S: 

7*—v >&m°9—'^mm-t-Zo &c y>g 

fiW— tf^ LTV^ I WFt-^l:»tt I w 

y > . ^ai^ hicstt^ff u ; ett7t-y^ 

[0 0 9 7] y >^ffl«^P h^/w (LCP) 
^ k • ^ris^i;ot7t- y vlftt-/^ 
iiCT* — A IWFjoil/PP Pi?-w-q;i*tLTi£{f £ 
^ tl^o I WF*5itfP P Pt-^li7t-!l ^! 

[0 0 9 8] mW^> ^>^V— KBBET'p h^yu (PA 
P) BEB^-AIWFftitfPPPf-^t.to 

^BBE^n ha;l/ (CHAP) ^rffio TBEt 5 C t t 

fcds-eSSo fo5^(i^^7x-x^x^7yttfcj; 

^ [0 0 9 9]», IPM/Ph^yu (IPCP) 

fl*rici£#as*— * 1 wFfci^p ppfw<^Lts 

[0100] x>K - ^fA|:^f5 vft 

'So 

1. ^-if^Si^-^^-v-g > 0 £0v>-j-y:*-|£*3i^ 

k • i/*^j»fc$.-fmmz.p p p^jii/?iEL 

— h-T£ 0 r.ttttP P P*y ht7 — ^#J»^ 

HhnyP (IPCP) CO^— ^ — V^o ^t^-^tli- 

^ jKPPPyy^ - 7p hn^^^^^-i/g V^r^a 
t?o ^ti^fi 1 ^^^ xy K- ^r^ii^^ h7^- 

[0101] 2. i»yy^a*„ r<7>wy;m^e 
[0102] 3. -7^— y > • v?^v htd^f-ra^ 
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Itliy y^?:^-;^ h^£fcft<D{f-^t>T{4<D 
[0 10 3] 4. IWF^t^^^^v/a^ifc 

rtus:?*-— y > • v?^>- h ^^9 > 3 > 

[oio4] 5. iwrifeiipppt^iaspp 
P<£>^— v'a > Q d (D\/~y y ;#~f3:3i v k • ^y^ = r 

[0105] K • v"X-ri*<£>U-— fcr* • a 3r 

al/— >3>«, ^co;DqA#<E>U-— • ^07^ 
(-S<5^T^V K • ^rAC^lt^^ h!7 — 9 • * 

c7)rc> K • rA^P' — A b, 31 K • i/T^i* 
C0>T >9—*y h • tr^ • ya/M^i^St^^^ 
^^gyfttyhTy^tS^imSo *fc* 

S:ttf-i:W*L^o DWXmfj ^9 V V <0ffiK, * 
— A • K^-O'T-f h!) (HDD) ^itf^;*- — 

y > • K^^^-f^ny (fdd) ^p-^y^ 

^A<D* — A • by — ^^BBrSttf«Sr»lfiL, F 
DDttJPA#3ftSttn-*"SFrilBtt^*>S7*-y V • 

[0106] @15 fi^tLfetf^-r h y 05* >7 h 17 

— .M;:;fc5^T3£^bTV^53i> K • is J*<nlz£><D& 

oc^^r, i>h^T^ (^e/^^/u) fey*— y 
>- • m— v?^>- M7 — ^KM-*-* 

t»«£^> k • ^fAi:Sit57t-y >- • 

So ^7^ 5/^*1 ^*3V>T> (3i V K • V^7^ AcD^tT)) 
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m&&7*— y >- • yx> H£*frL-c2*«-*-5 0 * 

AM**— tf* • /o/^^HD 

TV? A l^l^T, — ^ttJPA*^-* ^ 

h y {^T^i?^ bT#ltt<&JPA#*— tT* «/n7^ 

^f«(D7 ^ir^JS^(coV^T^^ — y > • 31 — 

* — y v • > Mi^ilfcj£^oi/>T3i>' K • > 

[0107] mi 6&-7*~ y > • h!7 — 9frh& 
®:^tTotl/^x7 K • v^T^i^-r^T^ ls9 bV 

7t-y V'x-^xy ^rco^^ — y v • 3i— 
£D^^ 9 fey*— y >-(D^Hf~— bf^ • ^p^m 

cpco) ^l — ifajgm — -^iV K^^ct)^^-— y > • 3i — 

y T^^ftfflBEW ^^>s*S:^^-y 
^ . 3i— v? x y hJc*tbraifSi-5o ^7^^^ , 2(-^v^ 

^rOD^^— y > • 3i — Hi, yp^v'fgx 

-^x7Ftu, ^^*^7t-y^i&f-^ 
4(r^5v^r. t 7 ^— y >^®^— /^i3i> k — >^t^^ 

^^*^r^(7)3i>' K • ^7rA(O^ASIf-t7 • 

/p/M^^^Alit^(:Mltfeilt6 0 ^7" 

cdf DDicr ^i?^ it, ^?i< h h^ny*— y ^ • 
40 tfj^ • ^ci^>ryj-BB-t-5BliEfflf«Sr*PSc ^^^7 

^ h y (CT ^irx Lt!¥II^DAft-t'7 . 

— MfffR (fcirxJi^ ^PA^tbTV^^-— t^cDp n pK(7) 

^/j!if) tt^o X^^^ P 7iC^5V^T, J^ — A 

^^^ii^a-r^o ^^^8 tcjo^-c, ^^- — y>-^ 
»-y— smt*:<DT 9 "z^jfc^*'? y > • m— v?^^ 
hi-^-bTteig-r^o ^^^^9^*31^, ^^-y>- 

• 3i— ^ bfe^cn&Mlt^^^^X^^ K • 
5(9 A (-rftfc*>, ^-/W/u) ^ii*p-rs 0 
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[0108] -fxi v ^/is%±m<Di/-}-v • f 

■fer/U • x — ^r^^^^(C>Pt-r5^n h =r/w - ^ ^ v $ ft; 
%/U<7)AP (Hi 7) feir/y^h^AP (Ell 

[0109] Hi 7J3 (^(D/^ — A • hy — ^<7)^ 

\^M-tZ>&— a I wf £<DfJD<£>i§ft ^^s-r^^^co^ 

[01 10] |1 8teT?±X • h^te^^f^ 

i*w.&<d<<( h • T?±x&m&'tz>o ppp 

[oiii] 018 Ci&i^T, xyK* i/^rJ^frhcn 
PPP7i/-A|iRLP mmv • h 7 

&fz.tf)<DMAC7 J±(Dtp\Z ]) hcDT ^ -fe ^ • # 

^ • sK-Y > Mi*tf>T^-fe;* • >- h^#Lt, £ 

h«MACl(7)7"y y S^fc ItRt^ L N xr • y > 
?fi>h<7)7 J±&MBi'^y<Dtp(D7*— y > • — v> 

AC7U-WRLP7 ASr^^-fe/U^fcRO W 
L, xtunnel^nh ^ £r o T , ^(/)RLP7 

7 I WF/5^xy K • ^^TisC^LtS 

[0112] x^K* >;*-r j±i£m<r>y*— y > • 

v^>- h £ I WF £tf)Ml££fL^x t u n n e 1 ^gfi 
P P P t y *&+m£ti-r\z*:tib 

[0 113] y ^e- h w a P i: »j» A P «!: 

(0 18) fc*3^T* x>K - S/XrA^r^ir^ • /f 
-Y > h <h (7)^(^x7 • y fi^co#«<^ilfeifi: ( f 
2) (f 1) "CIM^U 

[0 1 1 4] IU1 9 Jin — A LTV^Sxy K • v'-Xx A 

LTV^5 I WF te^tf)-?— tr* I WF £ *— A 



(17) #W¥l 1-252183 

32 

I WF t(DmX I - xtunnel7nF =»^*rflEffl-f 

i wf *Sifi»fc0f-g>l-a :tl:J; ot*«fct^ 

[0 115] RLPlii^yxff^ot, S« 
lt^6PPP7 f -^^7A4:KP^7 P U ^Uxy 
K • f**rJ±k I WF ^(Offi-CP P Pf- ^ y^&OU 

fc«XO«fiKRSRr«ftettfl:««P (k e e p - a 1 i v 

e ) ^*^Srj|ttt8, S&fc:, m^HJS^ffitc:^ 
i^TI*. R L Pitti y K • J; I WF i ©ffl^ 

y >*<Dm&ffyft\;y b • • u- h&mb-ftztb 

>K • iX^-r'A^ I WF k<Dffl(DRLP&%:<D±yi/a 
^iiCT, ^yKt7i:|LTt7^r^7 f (7)^l(:ft 

[01 16] ^rs<4 /U(D IP RFC (RFC 200 

3) fc&rt&ttmtteMMmz, ip^^7 p tMbi-*5 
it5 i p^7t-y> • x— v h t j± i wf ^ 

h xi/P^ft^tL^o r CO h >^ y >^ • hnyUf^L 
2TP^p h3^Mf^ji^-^3yt?*)5o - 

[0117] 1. RFC 2 0 0 3<DtpXWLJ££frX\<^ 

30 Z>%y p ±;Hk(Dy p v b^s^te, '<*rv Fw7o-afl| 
F7^-^lt /U_b(7) h^^yucT) 

i^Msc ^(7)^^^ ^ h i7— ? ±x<D7u— m@f<om 

I WFi-^tta^n-MPO^H^^^t^ • 
SI 4: ft « wT«BttdSfc5o 

[0118] 2. UDP^X^F^y^^'7pF 
xi/U-^^9 C t (C^oT, Wlr^-f • l/^tig 

-So 

[0119] 3. RFC 2003 ^ffioT, bf^ 

^{-, &KftQOS*-t-Tfc»0tLT^5 y >-^±T* h 
V\ ^2(C N RFC 2 0 0 3^f$ot, ll^^rMS 
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[0120] 4. RFC 2 0 0 3(Ci^^ixtV^J: 
5* I Pto^^/Wfci-^^T I P&m^-t&tzfrlz. 

(i, tcp/i p^^y^tciat-t-sy— ^ • a— Kfi— 

P / I P^^ j/^»AL, ^v^ugd IPf^JJy 
^«r*#— h-T5fca6«r I PJiK*tLT^M«rfT5 - t 
te, 5B«ti J #1^^3^TCP/i P^^s/^ 
£ri*-?tf- b Lflfctt 5 £ tt45 0 ^te^* 

[0121] ^ffimt iwf t <om<n v v - 
mm<D h y . ^p h aynattjuw;, ^> k • 

[0 12 2] ff LV> h y • h37H^L2T 
P^£-3^TV^o ^fiS^, L2TPfiiMcoh> 
^^.^nha/^fcD, L2TPi^iihy^;K^) 

;?h- ^y Ki^^^V\ ^CDffLV^x t u n n e 
1 :/p h=3/UfijJccr>WflJcSr^5 0 
[0123] 1. xtunnel ^^liSiSg i 

^(Df^T^R a d i u s COT ^ -fe ^ «£ t^R 
a d i u s <DT ?±*fc^(D^ y i? — i?\£$t Lt^> ^ 

Kl#><Di><DX*&>Z> 0 
[0 12 4] 2. 5ftt^li*45lP7K^ L 

[0125] 3. xtunnel gDt/p h =wU{*>r >- • 

^U^^^rVr, £:£xJ3:\ UDP/IPK*8 
[0126] 4. xtunnel CO^P h =i/M2 h 
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yy/^fVr, udp/ipiwp 

— K • ^ £ri£ff *"t~& 0 x t u n n e 1 (D^p h ^/u 

[0127] 5. xtunnel (D/d h n;HJf- tr 
^(Dp R pI(D/:fe(:UDP/l P^^fVTit^g 

[0128] ^7 by — ^ii^— ^ iwFi:^it5PP 

p h u «*^> i p/u— ^y&m&m 

10 ot/^^-gi^ M£*tLT IWF^f) 

^ . /nt^ (r i p) %mn-tz>^ ktfi&&\*<, 

— ? t,R I p*3J:t5, i^faotfit^-yy ->a- 

h • . ^ 7 — ;* h (ospf) &£f<£>WL<£>pTiE 

[0 12 9] hV — *y h • 

« x MSC(D4 ) «^^AIWFWPPPf-/^LTa 
#£1~5o ^/c, r.(7) I WFiiR I P&iftfM V^— ^5/ 

[0 13 0] r.C0^>> by — fte, tf^ • 

(wsp) a#a* i s p-e&v^fc*. fcsi^ii* 

y — I S Pfcr ^ir^-r^fdfecoi^— k • x 

-r<^I S P h(DTJ3?7^ h£#LT^5^-— I^SrlfRr-f 
Z>tzMz., K • y^^to I S P^M-5:^:^ 
t^5 0 C<^«fig^*3V^T«, PPPt^liMSCl: 

f?LftV\ ft^»«9{C, L2TP (Kt2(Dhy^|jy 

? . ^P h /^if(7) h >^ y • -?U 

■^(7) I S P CO P P P f-A^^LT h ^^yu • s< y ? -f 

xi^c^t^CltDffi&^fc&fD^P h3;w y ^ 

[0 1 3 1] * — AIWF^iO'I SPWPP P^— 
(Dn>r-y3y|j:, ^OPPPtyv/ay^^f, 
l"§/:tlTl/^ 0 ^7t, I WF t ^<D I S P(7)P P Pi^ 
50 — ^^^r <Dffl(DL 2 T P h y^;ut^^ PPPt^->3> 
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coPflfK Wiii:4ot^5 B iwp^pppf^ 

[0132] r<z>«/£ti>r v h?^2x h • r^-fe^t* 
^-h-r^o j > h9*y b • T?±x<D.m&, ppp 

— A IWFIiL 2 TPSrttottlll:#tt F^/Uf 
[0 13 3] mfeM(D^> K • y^r^iatLt, -TV 

V K • '>^rA^f-t^ LTV^ I WF ^rffio-C^O 

/^«!!31^^:ov^rtt«flt^^cRW*i^TV^5 0 13 2 o(c^v> 

TM\ I WFJ2&$|^X^#^£tK XTunn 

e 1 Xn h=^£ft< tm5o 

LTV^ I WF£^|ft^X^{#^U ^tli-iotXT 

[0 13 4] 12 1 lin-^/l/WAPt/KDT-^T^ 

^rai-ffifrnsxu h^/u . ^^y^^ui^o y 

[0 13 5] it/T^^Vtytiln-ALtl^^ 

gfclJ— ^J2ftv\ 
[0 136] K* y^r^^t'^t^ t 1 ^ • re — 

— h M&Wl-il^e^ >^ 1 p rfc 2 
oo2Ciffliti^o ^eif^f v^^ms^ 

^'^iiot, RLPii«fcttfti\ y > • ^ 

— v^>- h*5 JztfafikiJ— ^(iUD P/ I P±tR a d 
i u s fcteoT, K • ^rA^lit§/;^Cl 

[0137] v r >{ <d\,^ < <>fr<Dmm&^&&ti 

^> K • >-^7A^J:t;7^- y V/zfr — AcD^ y h ? 

li, p p — Xtf>rHMP P Pt^Ciotx 

So 7*^^r>f>'^'7^S:»»t5^ 
*3 J:t5aJ^ — -A • K^>f >0>tiM8<Z> 
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^^$^5^77 • by t jy^Ht-JHfcrCkao 

[0138] xyK - v^x^tf^jft^jfxtf)* — A • ^ 
y b t7 — ^Ci:57>fTy7^T^^J:W- A*5«tV 

y xo^y h y — ^co^^^^^cosi^r^^ 
^ x -f x 4 £ BUE-f- 6 «> lc (7)85* ^ * - ^« ft 

[0 13 9] K • i^^T'^^KSEfi-ewS^*^ 
70 fcfe^BES^Sr^-rafc*^ l 2 8 try hco** 

RFC 2 0 0 2(0*^1E3*£jh/O*S «fc 5 &BE*no> 
MD 5 ^ — v= • X-T v?^* h • T/l^y Xi^Srffio 

»»»*9 f -4'±-eiHiE»* J f*rWtHlti-*. ff-*£ft 

[0 14 0] gSj&gKl^T, * — ASfrfr— /<J*|pJ 
EJS^SrfefiK-t-fio ^^^SrSfs-TS^, xy K- 

tt T # fcBEfi*? ^fii t y ^ L ft a> o , 

[0141] ZtlhCD^y YV — t • ir^r^ JJf^I 
^K/^/W P RFC 2 0 0 2<Dt£Vfe^£tlX 

40 iR*Sr^*i-^o ^i?^^ y • KiBE 
v-^^^OD^x.— i^^g (^^^f;K7) I pco/^ — a . r H> 

y h!7 — ^ fc<o income try ^^^i?^^ y ^^^Hig^ 
(spi) ^p^^^i^^ij^/N^^— ^? 

50 frK ^t'Ur^ coir y x (DWMtttf(DtpX*-te *r ^ 
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/H P»HE7VI"=*y XJ» (df- — ft^r^OMD 5) *5«tt/x 
) ^ 1 2 8 If s/ h^^COSJflS^^r-tCctoTi^^ 

— h ZtiZo * v V v — 9 • a— if tt-tix^tL^^— a 
^ . a^^* m^lts p i «MM9 arafc*. 

^ s 12 8 \fy h(DJ- y-fe — • v^^^ h«D 5 

cDT/u^y XA^ttot/!) ^>ry^^+i^^^ ^^^ 

S P I teJ;V3.— tf* i:— Mf^«fiW*^^-C3i> K • 
^fcitfSP I 3?#&;F2Etf>S£* — 

So • if— '*f*#*<a»«<0*-*«o 

t^^^^otl^, A»«Hf— ^lirc^ K • 

[0 14 2] * — ^3£^if — /^i-JzoT^^ K • 
A&teoTBBESixSo s P I *3«tr/tmtS^fcBIE» 

^coft^ g^us^ y-fe— v^^-e*— >a • if— ^ 

[0143] a.— if (D^y K • v-^^-Mi^-cDa.— if 

hMLt, ##<&«*<Z>*— *5j:tfS P I t£ 

— -> a >ff Windows 95 ^—^(D^> K 
• y^rA^l^lW in 9 5 i/>?^ h y fctMrt-*" 
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[0 14 4] *y h!7 — ^IC&V^te, ^> K • v-^T- 

If* LTV^ I WF i: ct^cq x t u n n e i £r^:/ K • 
^x^^ft^oTfllrici-Sfcfe^, Radius 0):/ 
u hn;u^7t-!i v • ^ — hFAi:J;otttb 

cOF AJ3R a d i u s <DT ? ± *W3&s<lr *y b&±I& 
10 U ^ti&gwmtiiL&^tv^fry MclMftU xyp. 

M£=* If— L s ^(Dll^^^tl/c^^MSCO^ 

[0145] Radius (^IBBEtSR a d i u s <D?9 
-ITI/V {^<Dm^, Sl^(7)^cOFA) 3oJ;U*Rad 
iusWt-^ C(Oi^ MS C<7)*<7)&&if— 

T>FiRadius O01f — ^ t <OW"Ciiff ^ tb^-f^ 

*yH7^ ^Radius CD R F C <D + ^tt^Si- 

<b S^S»Bf"Cfi£5o FAiaotM^tl^Rad i 
u s <F>T P^^mM^fry h(i. Radius ©a-f 

Radius (D^l— if • />*y— KJRi4Sr^A/"CV^S 0 

^.-if . /N^r?^ \?m&<nmhffif&wtfe^mm&xh 

30 ^ Radius^/nF =/UjC«t o T*^^^tS*-?t 
"e»t#ft*ixSo Radius^RFCi^l^f) 

^y^Bfi^R a d i u s cojpftir LT«F#{bSix, 

[0146] »:cDSti^>F ACJ;otR a d i u s COT 

1 . a.— if^JStt : :n«xy K • i/^fA(Z)»SS* 

40 X7 L J±<DzL—F%XfoZ> 0 

[0 14 7] 2. — if • s^Z** 1 ?' — KStt • Z-<D^~ — if 

• bi^—^^ixt^^xmmmxmm^yizj: 

-C##<^S5ffi<7)^r— £M£oT, RadiusWEFCl: 

[0 14 8] 3. NA S^°— h : Cn«X*JB^*3*t S 

[0149] 4. NAS- IPTK^: C4xf*K»Ja 
(DIPT K^t*5o 
5(9 [0 15 0] 5. if — tf .X ' $ <4 ~7 \ d^lli 7U — i^l 
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CD if — t^^fc^o 
[0 15 1] 6. yi/^Af^yD -tl^PP 

[0152] 7. XtunneiynFn/WyN'^- 
^ : CL^cD^y-^^:/ K • ^^"rM^\Xt>^X 
XT u n n e 1 h y hTy/t^^Mg 

[0153] 8. AP - IP7K^: :: nte^- — if ri> 
^^iiLT^LT^APcD I P7 Kl^^-Cfe^o 

[0154] 9. APWMACTK^. :tl(j;10J 
TOAPWMAC7 Kl/^t?*5 0 
[0 15 5] 10. x>K'^f^^Igg|:iy 

[0 15 6] ft^ltt^FA^^LXRa d i u s (DT 

3. XTunnely^nh n/UCD^7 ^ — ^ : d^t^O 
/<y> fenl/ K • v'X'r At^ftt^oT x t u n n e 

[0157] x^K - y7fA(^a-> ^{f\C^^^ 
— a • h 17 — ^liBEfc«ttf3y7>f ^fa u— v'a 

>-CD/-;:#)C7)R a d i u s(Dr/u ha^^ftot, T^7^7 
^7^^]; V» A»* g ft cD fc \z K v > fc:»BE $ 

!7 — ^CQtpGOSgfcif— y-W^v K • '>XfA?!l^WSj| 
(FACiotRa d i u s 07n7|*^>y 

— y yi®t^{:J;oT7^i?x^ti§ 0 
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[0158] 1. ^-AlfiTK^WI P7K^: 
PT Ki/^t*)5, 

[0 159] 2. 7t-y>lif^« 
d : :ti(iSMTP W«^bSixfc^-f ^teS&^n h ^ 

AO ©7*^' ^ y h (/ci:ili\ machine@fq 
d n ::t'ma chine fi^rco^^— y 

• ^^^(D^fiJ-e^ «9 , f q d nfS-t<Z):7*~y 
if-^(£> K^-f VCO^tC^^y :7 T -f £frfc K^>T ^ 

[0160] 3. F^yy^^Ph^;^/^^- 

* : m^iif — tf:* LTl^6 I WF £r/fc — ^ I WF t 

ZtctixD^?* — ?XtbZ>* Ztibn : £tib<DWiX*&.'fr 
[0 16 1] 4. *^C0^(D^— : - tL^^^-y V 

i£ff £*b£ Radius (7)/n^t h ^ i=)=» (7) N Radiu 

[0162] 5 . ^- — if • 7— K : ^tLfin— ^ b 
TV^^> K • i/7TA^ft^otffi^>tl^)^- if • 
*I7- K"CfcSo ^<d^_— if ■ s<XV — Y\±2KD&M 
if— tr* • ^p^^"t?£«Sn5o d<zv*;*!7— Ktt 

R a d i u s OR S CiC*5V^rRWS*Lfc«t 5 
[0163] 6. 

^(ifi^^xy K • ^rAi:ft^ot7^^7^ 
^Jl^if — iotxy K • v^x-M^ft^o 

^xmmtstiZo 

[0 16 4] CCDlta^fioT, y >S£^if— ^ 

liRadiu swr^t^B#itrtU "ttl&&CD& 
40 m&£m%Mmn&^(DR a d i u s (DT?±*m*^ 

If— Sr^^^SS-CR a d i u s W7^t^S*|:3 h° 

[0165] 7t-y V^^if— s<frtb ( n — ^ > ^ L 
tl^xyK- v'^rAcoi^) , fe^VMiF A7ii^ii: 
(^|:fc^x7K">7f^»|^) , Rad 

ius^7^t7M^IIt5^ * — a< 
te^thS&CDT^ h y • if— y^t^T ^ir^ It^w 
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If— y«DT^( ryr^f^ *5j;r/^> K • */*irJ*<OT 

[0166] -t<DB*srE«jd«iaLfca, *-j*a^ 

f-^liR a d i u s <DT?±xg:tfrtJ&&s<tr*y h& 

d i u sC07^-fe^f*^§ffLfcFAi^LtIgt: 

[0 16 7] *:£>3f#«riEL< Mt^r fc^s-CS/^ 
ofc4§£\ *-AIif-^(j;R a d i u s COT ^ir^ 

K • v'^fA^n — ^ y^t^fi7t-!J ^S»1f 
— ^IC*tL"Caift U *>5^liWRad ius©7^ 

[0 16 8] P— ^ >^CDW-y ^d*5V^TIi, * — A 

Sftlf— '<ii*^JE**&«U t-LTW^-tttttR a 

F Ai:i;itfLTj£{rr6 0 7t-yylgfw^A 
ISt-^WR a d i u s 3, ha>&0>5MWE 

^JRttSr^F^O^*, RadiusWJSS^3/H:3 

[0169] FA I* Radius COT * "fe-Xj£4f Sfcli 
Rad i us(DT^t^« liv 5 !^ bJ&&'<try h£r§ 
ff-r^ir, tWRa d i u s (Dfc&frb&mfc&mfe* 

[0 17 0] ^r^ju I p^^fi^^^ • x^^^^rfi 
of, fc5lWv/ 3 yat, g&0#f»# (none 
e) Srftor»«Jd*r-f SH*fft*3fiS*8Six5^i:S: 

v-T'Srttofclf^fsa ri^'W^ I P<0«UPl£*3^riK 
t>, BW«««:ftor»*«P<oW*«ll«r*lfc-rSo L 

[0171] Kweffifoixsi¥^«flio^^>r^tt 
JrtStiri^So 

[0172] rco* y h y — K'^rAtt 
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^PPPf-z^^ltPPP PAP 

BEE) *5j;tfCHAP (^-r u>"^BBE^^!7— K) co 

r, 7*5 h • -f > h y HSfcii i s p^-^co 

[0173] T^^r^f ^tfteZTf 1 ?* hV (O^r 

/<? i-BiLrwri-iftW^n^o Pii:Msc©i'TO^yF 

y — trt&WtfrhO)*? 4 \s# Y y • if— ^^-^.(DT^-fe^f^ 

[0 17 4] C^-t—y hy^-^lixy K • ^rA« 
— A I WF ^COP^riUm^^l^^T^ • v*-?<D^it 
£riftf?— ht^ 0 K • v'^^At^jgSJ^ir^r^ y 
^ . ^ x ir^ctoriit^bSr^^ 

M£K<5i^r, ^W^y K • v'^^^co^^^rBf 
-*-5W#fb0)T/l'=*y XA<o^^>T^Srlt5t-f «fc«>l^ 

h t<oiW"e^=f^— h*nfc»^ ppp7i — 

[0175] I WF, • If— s**S£Xf 

(fPcov^-m^*itt*ixrv^5 0 iwF^r^^r^f 
>9 • if— ^t(0|B, ^ctt/T^^^^^v^ • if— 

^o*feff1f«^*siSSr, I P - S e cftifcD'O*—* 
*;K0lPWa5f>f •T'o h=^*ttorrtF*flrt- 

[0176] r C0^> y h !7 — K • ^XrA(7)P 

PPP7 — ^<D^->- K • ^^^ACOggfD^I^ 

[0 17 7] Tf3Vls*r4>?<07 s —9YZ*y 
rt(7)if— t^X t-C^^, I WFioJ:^- A I WFWo 
Ti&H£*x£o if— tr^ Lt^5 I WFfcJ;oTiJXjj!£ 
iiSr^^T^^'f^li, if— tf^Lrv^Sl 
wf a:)M s c^^cor^7 >^ . if— At:^Lt 

50 7-4 ^tf • x— ^ii^ — A I WF(7)MS CC7)cf 60T^7 ^ 
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V7>f is? • if- »<fc#L-Ca*{§ StlSo f-^LT 
I WF (cJ;oTi|X^^n7tr^ ^yr ^ • 7='— 

So 

[0 178] K' v-^-r^On^— v- a ^:fc5j;tf:7 

— y > - ji— is^is h<Dvfr—zsa >kt±teK&fo y 
-t^<X<n^r — ? • h 7 t * ^li^ — ^ 1 wf ^iior^t 

ztntxD-f^xnffin&^Tf. iktzte7*—v is - *y 

T<z>t##£:*L^So 

[0179] if— tf* LtV^5 I WF^«tW-^ I W 
Ffili^nt^^xy K • "r As<Dtztib<DT # $ is 
T^ls? • U^i— K^^ff-TS/c^^, R a d i u s CO 

Radius©/^ ^Vt 4 is ? - h ^/Wi I E T 
F RFC CO J=j=L|j| CO *p X h**~f Is Mb £ *LT^ S X n 

oT.-eLTRadius COT X V >"r 4 >? • Xn h 

f^tt st^ * * • sK^r >-tv y^ir^?!»f>f >^ 

[0180] Radius COT # tyls^ S Is ? • Xu h 
^/WiUDP/l PitUfft, *Lt7^/Uy^ 

S G Ra d i u sWT^^yf^y^' ^7^7>h 

(f -f ^ LT^5 I WF Sfcli^-A I WF) fiUD 
P(7)7^^yr^ ^^Ssft^-jTs/ h^^rn-^tbcor^ c> 
yr^^'fw^LtSdU T ^7 >*r ^ is ? 

• t-^|j;7^^yr^y^ • ^7-Y7yh{^LT7 

[ 0 1 8 1 ] *>y h 17 — ^CO^T% 7^^yr^y^' 

^7^fryh (t-^ LT^5 I WFjBJ;^-^ I 

WF) JS-n- — ifcOir^v'a >(^)lM(:jo^r7^^> 
-to visa XO^tC&^T, T%t?ls^ j is? 

• * 7^7 >- h«7^^>-T>f lS?<D^=r. y 9 7$^ Is h 
£>S*«rttl-f- 0 StfflgWK, Radius COT # V^J- s 
y^RFCItr^^T^^' • ^=ny^^>f> hcofg 
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©Bto<Dfc«> @*<DT# ls?m^ 

«t?)o ^OT^-^r^y^IttliAc c t - S t 
atus-Type of Start (7^ r >Vf 
V'^HttOft*) ^/u^^S^TcOR a d i u s CO 

T# ry-^TV y^s*/^y hco*ic#ffi-r^, 0 -com 
ttcoffifi, t^7^^yr^y^« i^3^F^ x ^ 
. tK^T Is?<du=i — K-efcS^if 3 ft^T-to *>*ls 

SSLtv^57^!>yr>f • f-^^ c 
(^l^Tte:, ^ y * • is V • ^-iry h^SfftS 

[0182] tr* b-cv^s i WFfcj:^-^ i w 

• y>?y ^ t 7^^yr-f>^ • i^* — 

^ CO I P7 K^*3«t0UDP^- • V 

"rj >?(oM8E^ ±yis 3 is/-*?v^Jz y is a i/<n i 
D, *3 &XfT% Visors is? • ^ > h ^r^7 * V 

[01831^7 V V — ? te&m£frlX\s^Z>&^>' K • 
^fA|:»LtU;w7* >-^JRft^fB^-f 

(fx^'WyF) l:^v^7^^>r^y^' ^ 
^ 7^7> htrj: oT-ett^ttcor^ ^^7">f • ih— 

^^i-^tLT, RadiusCOTT^ ^V^-r >- if • y 

[0184] 1 . j.— 9*^6 : mi^ifSCOR a d i u s 

S/c^ic^^ti, -r-<Tcor^7 f> yf>f is? - 

LTV^ 0 -frco^^ — y Mi T u s e r @ 
d o m a i n J Xfo <9 N CI CI "C d o m a in \±^(D^ — 

ifco^-Aco^^^^^y ^r-r ztitz Ys^^is^xh 

So 

^C? [0185] 2. NAS I P7 KU* : mte-hfBcD 
RadiusCONAS-IPT Kl/^MTI/^ C ^ CO 
Jltttt^ — ^ I WFifcfi*— t:^ ttl/^ IWF^I 
tTLXl/^S^v-^co I P7 KU^*»SiJ-TSfc«>^ttfc 
txSo 

[0186] 3 . h : r tOjRtifi^.— if L 

^fir«ttLTV^5T ^i?^ • is htcjbNtS 

[0187] 4. 7^t7>. ^yh(OIP7K^: 
50 r coMt^^^— if tc*J- Ltt- if* «r»W LTl^ S r ^ 
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■fe* • sJWv b<D I PT KU^**BU"t-a o COjRttfi 
[0 18 8] 5. If— tf* • : C*ttt±1B^R a 

[0 18 9] 6. 7 J^M^-^u h : d4xii±fB 
WRa d i u s^yu-i^S^yp h =*/VJRtt £ fHT V> 

5o ::<z>JRtttf)fii:te;p p p**^fctofcR5eSj|xSo 

[0190] 7. T# tylsy->( >^ • — • 
^ : wjft,r±±iE<£>R a d i u s (OA cct-Statu 
s - Ty p e JRtt^fSrv^o C^JRtt^tt^R a d i 
usO^-fT/'F t©a-f©t^>a ^ Sr BH *6 Sr 

— ?-tZ>fzib<nS t a r t , *S«fctJ*R adius(D^7 

5/;MStopi:t5^t«t5 0 T% Vis*? 4 is 
^ • ^ 7 -Y T > h Acct-Status-T 
y p e/S t a r t JH£{1^>- K ■ ^^x^^SSNPl- 
3£££*L£o Acct-Status-Type/St 

0 pJRtttt, MIOSIS T*^> K • 

^Wltt^ttiS tar ttfe^ Z<OT*ty>7>{ > 

[0191] 8. T# ty^T-j is? • -fe v'a V<£> I 
d : Ztm±m<DR a d i u s (DT ti ty J Is? - ± 

Tfi, ^Oir y v-3 ^ I d te^V- K • 

5 0 ^ — ^ • h!7 — ^*5J:t57^~y >^ • M7 

— ^ flPW £fc-£<Z)Acct-Session-IdJR 

[0 19 2] 9. T^^yr^y^-v/l/ft^^ay 

1 d : mf3:_hfe<Z)R adius(7)Acct-Mult 
i-Session-Id ^ffilTl/^o Z.<& I d f*afc — 

Oftt^r I WF^^j-LTiiff U I WFttt^TWT* * 
[0193] ^(DT-^Tf^^lCtt^XmnZtl&M 
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^fAMtSiftS I WF^^T^^f^ 

*l5o I WF«Oig#^^fc^^yNV }?*7<Dm& s Ac 
ct-Session-I di*Sfc5 I WF/&>bttlT< 

Lrt> Acc t - Mul t i - Ses s ion - Id 

y# i w f J: o x$&f? is fritzy 3j ty yr ^ i/tf • u =i — k 

f£*t L-TIrI CT^So -tyi/al/l d*3«tr^-e/U^- I d 
(±7*— y V • ^y b!7 — **5j;tf*~,A • hl7 — 

mfe&Zti^tMDTX ty >7-j i/jf • t^^jttsr 
"C#5o :^t7^ 3 yi d^ct^/vft^y'ayi 
n/^-r ^ic*3«ts i WF^wctt^^r^^yf^ 

[0 19 4] 1. T^^yf^y^flffliRad 

i u s ^T^/^yr^ ^^«ffiH#BBJRtt#fl8o 
[0195] 2. T^^y^A^fyHI:: 
Radius <DT % V 4 ^ PXtljrZ 7* y h^C# 

[0196] 3. T^; ry^y 1 ^ V^tb^l^^-^^ ^ h 
t:Radius (Z)T^7 ^yr^ ^^ffi^J^^^ ^ 

• y V^OO^— y H\ fcSV^fiR L PiC iotl^ 

[0197] 4 . t?>ir4 >"?(OmU. : R a d i u 

— tT^ LTV>6 I WFSfctt*-^ I WF WV^tl^S-t 

n— ^7/1^ (L o c a 1 ) ^/cf^y ^e— h (R e m o t 
e) ^/^o 

[0 19 8] 5. ty>7^< • ir 5/ >(7)0# 

BB : R a d i u s C0T^7 r>>-7^ y^-t^/v'a >^«fIB 

r©Iffitta-f^of-^ttv>5 iwf 
5tf tr^SrSJtTV^^p|Bo*Srii»t"So ^ 
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[0199] 6. 7^r)yr^y^A^^7ht:R 
a d i u s <DTU V^TJ ls?Xt}'<#y M£Jgtt# 

ttii^y K • ^f^^&t-^X LTV>£ I WF^A 
^ P P P 7 U-^^iMIitSo *-AIW 

xJi&titiP p p y \s— ^(D^k^^m-f-Zo 

[0 2 0 0] 7. 7*?>f^/fflJ^yhft:R 
a d i u s (DTlJ^^^ ^ffl^A^s/ h»JRft# 

<Dm&l*'V'—¥x LTl^£ I WFCJ;otx> K • 

& 0 ^AIWF^ -©jmttt*^^ — ^ I WF 
^>^rc> K • v-^^AiC^J-LT^ff P P P 7 U — 

[0 2 0 1 ] 8. T# >^ • S * — hcDJl 

^ : R a d i u s <DT 13 l/*r 4 1/ >f • ^ ho 

[0 2 0 2] 9. *y h!7 — ?<071J >tf<D# 

a d i u s (DT13 ty>"r >f >^m\±(D^-X:(D^U^— f> 
£tl3 0 tM^COR a d i u s (DJUtiA c c t - T e r m 
inate-Cause t>ffj£-t& 0 ^<7)JRttfi A c c 
t-Terminate-Cause JBtti^ cfc o X1l '< 

[0203] 10. h ?(d^t • y >9<r>7 9 

[0 2 0 4] 11. 4ty ^60/^^7* — /U • 

[0 2 0 5] 12. *y M7 — ^ • m — v^y hCO-^v' 

i wF^iftiti/^wy^i^ty ^r^r 
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[0 2 0 6] 13. ^^Fy-^WT^^yr^y^' 
f-^y^ • ^ >h:Radius(7)T^7 y^ 

T\ *36W<£>*s/ h V — ?<DMrfcmx*&, Z (omit* ft 
\itcR a d i u s COT 13 l«"r >f ^^Mbb'^r y h%$t 

10 try ht?*5CJ:4:l!*t5o CKOHtt^ffffiUTV^ 
T# ^y^ ^HMte'^y Hi, T^y^y^- 

[0 2 0 7] ^<7)#J||ft*Jfi?g<|BJc:i3V^-CH:, -T^Ttf) 

MD 5a3«tr5##(0»*O*— SrttoTBtES 
ttftJttlfiftfc&V^o ^^IWFKMtl^Ra d i 
u s (D71j ^>x^ >^ • ^—y< t comis^P l^WEMcotz 
^(^tt ^ l:J: o tft^ti^M J: o t 

20 mf&£tiz> 0 tijv^tj is? • ^fciifrt-**:* 

[nWFiaotgbWMwM^^Ht MSC 

'y-^yxopfli:wfnwist-^[aot i wf 
[0208] «>^^>r • i^— ^wy ^ h 

J*(D^<DT13 VIST J • *y—'«DWWi\±, * y b V 
30 —tmM tt-AJoiO'f-t^LTl^IWF) frb 
^wr* !?yf>f y^ • r-^SriRftl, ^Ox— ^ 

^7»> yf>f y-^ • -r — ^xXA^t^- hi- 

^f^or, r^i ^yr^f y^ • t-^iiAMA© y 
^ • y^ — ^ y bX*(DTlJ *?l/"r A • W=i — KSr, 
^ I^MIIt^fA^LTTCP/I P h7y^ 

^"y h • (Dfzbbcn AM ACD^V is? • u-^— K • 

m%tezti^ti<DnmmisxrJ*\zttLXTij$ 

5^? [0 2 0 9] 122 {e^V^T, ^ — ASfcfif- L 



332Dooo4 $\mm • <&%\m 



49 

ft £*l/c£<DT# • 7*—9&, Tio^^^r 

V I WF^bS» ^frfc^T*^^ ^ • 

^i^y ^yu • if— ^;fc5j;TJS* * h • y^nUB* R 

[0210] T# £>x^ >^ • if— ^fl^^ K • i/x 
K*r S Q Lf-^^^lcSfttfSe SQLf 

N. 1 ^fb77^/^^^)7*!?yr>r >^ • 7*—* 
fb^r^/K^^^-— -^y Nil K^r^p« >- MbStt* CCD 

>r • if-^tefe^nri^T;*; • x 

t«T7-Af^ y r £tL-5 0 
[0211] rnxm^j v y fiMx^iciH+sm* 

fctMft^SfcfcKttfctt* * — A - * > h t7 — ^ (cg^ 
h y S:#ffit5o #*PA#^i:l^ APAx-r h 
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[0212] 1 . if* : JpA^U^ — KW^w:t7) 
7^^KUSMTP07*-7yh (fci:;itf, us 
er@fqdn) l£&5 0 :^T*u s e r T'7^- 
/UKtt*^A#Sr*colPA#o*j»3^--A ■ h'*J> 

^PA^cofeiS^ — a . K^-f ^SrlKBUi-ao C<£>:7^ — 

V — 2 - if- t^^O*PAR#ic, ^OjPA^t^LT** 
7(7 ill^— tr^ • >^ny<-Y ^^ioTWlJ STbixSo ceo 

[0213] 2. ^-t^y -^^ (Dir^rzx y x-r o>iigigf+ 
-^coAPA^co^ — A • ht7 — ^ ^f^:^tlr>f 

try ^^(D-fe^^. y ^^^BBJtWfttt^JPA**:*^* 

^-1/ V - i/7^r J^b^O^ — j* • t(D 

^H*(OiDAfOt^ayf>f • ^^^-^^ h^r^JPA^- 
h y ^^^llH^ft^V K • i/XT-J* 

^-^yyf^^ (spi) ^{ioTP^t/m-To 

c ^^f^iaot, ^JPA#^^coKia^ij- 

40 Z> • ^Srai^^sK— hi-^o C^^ffiT\ *p 

(h^^#^iPA#cDfa^tf$ftOft!lI^, ^tlr^f coir^f 

[0214] 3. ^rA^MACT : Z.(D7 ^ — 

^ Kfi^PA#tc J;ot3ft^Htv^ ; ef^(7)MAC7 

5 0 MACT • ^co^lEJi^— if CT^: (c^^ 

50 l^f 5^ tdS-e#So MAC7K^(iliW:^-A 
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[0 2 15] 4. MAC7 K l^BBEflM * — ~f )V : Z 
(D"7 4— As KttMACT K"l^ • -<—*<DWM&^^ — 

[0 2 16] 5. P — * • >T^ — Zf/V • 77^ : C 

LTp-^t5 wirtfHftSixSo ^(7)7^^K^ 

[0217] 6. p — ^ • K*>f >"0>y * h : ^© 
-74—^ K fit la — * >^ • sf^ — y/i, . 77W*- 

rv^^^-yv- K^-r >coy ^ h^-^tfo ceo y ^ 

[0 2 18] 7. -fr — If* • >f* — y/V/^V^rc — y 
/V'77^: ^(7)^^—^ Kfi*JnA#fc*H-<51f-— tr^ 

— y/uj t5^iiSt?#5o ^(Z)7^-;uK^fV 
^^—^/i^nTi^fc*^ *0)*nA*tt:1^if;*li:*t 
irs»t5: fcristTSixSo *oJnA#a*»ft£;h,T 

[0 2 19] 8. ^y^-^7h 'f-t^^n/M 
I WF <t^:<7)^ Y • fcT^ • 7 P P/W 

pppfw^«i:L 2 TP 

[c:, P P P(O^SS^m — X|C*3V^T I WFiC iotftfc 
it5o C^7^-;u Kli-l^OAf W I S P(Z)7^f> 

^^A^teoTBIiESrllfT-rSfc*, *3j;t>*L2T 
P h y h7 y^tSfcftl-, I S POt^ u 

^ h y \ZT?±X-tZ> 0 
[0 2 2 0] 9. mA%%£>J:TlT KU^fflg ::(D7 

>f-/umJPA#«*«r, ffiFJf. sissf, 7 7 ^n 

[ 0 2 2 1 ] /ft' — A • K^>"7^n!J (HD 
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D) {ixy K • ^rACj^otf g^^Tt^fc^ 
\z s rev K • ^^^A^BB-TS^^^— ^SrffWUi't-fc 

jlltV^^ fc£ K • i^-rA^p — A 

nti#(Dm&, A»«-^— ^©swsrfi 

>*M::7*—- y £{£^U 
7(9 Ra d i u sO/p^r^i: Ltit, CKOt*^ U ^ h y 

»Lt^(Df*:^t?)c p~ S ^/oxy K • 
7AOi^, HDD(^|ft^n5^7^-^[t 

F<DPfl£> h^;KD^y7>f^a >a WjJJfSrg- 

[0 2 2 2 ] Zfe^flMS^HDDfctMftSiXTV^o 
1 . /ft — A • ^ : ^<Z):7 Kli^V K • 

[0 2 2 3 ] 2. /P^r^llg* : Z<D7j—;V Ktt 

[0 2 2 4 ] 3. *-Altt-^(7)DNS^ : /p^f 
^ «M77^TRUEt$)o«^ ^(O^^- 

muzti&o ^^DNs«(i7t-yyiit^i 
otiprK^citSiJWo yv^^i^-/^ 

[0 2 2 5] 4. 7t-yy - KMy*:/P^ryI 
iM*77^^TRUE(7)^, :©7^-^Kfc> 

k • ^7^^- ^sst- ^^t-^f-f-^^^-— y ^ • 

fR^r^oT, SMTP7t-7-y ht^7t 
— y > • ih — • ^ri/XD id, t X.^\ m a c h i 
ne@f qdn^«f^c C^vi/y i dtt^^Al 

d i u s<oT^-fe^»*<z)+-eas(B$ix-5o 

[0 2 2 6 ] 5. *toS?g»5r- : 7 p p=^^S*7 7 
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n^x^m^, ^<d~7^-/u h*nmmznz>o 

[0 2 2 7] 6. h^D y^'^n hn;uc0^7^- 
^ : Z<D7j —)V Kte^V K • e/XfAC^tLTf-t' 

^MSM^-A I W F ££>|ffl, *5 

i wFi;>ftt?) ^^^^fci^f-if 

XL TV ^3 IWF?5^^^ I W F l^M't'^ > 

*y >^ • m/h 2 TPjc*j-r5«aij^*3j:^ 

I WF t ^<D^T £<Z}ffflTL 2 TP h ^^yu^flg fifc-f-^ 

[0 2 2 8] 7. T% V^'TJ ' V—;<(Dm&tt 

it„ ^<D7j — /UKte, I WF^xy K • i/XT-JxlcR 

^•^ol> ^/WCO^ml (fciifl RADIUS) , 

/M-@#tf>igAa<£>^^7< — Ra d i u s (D7 jj 7 > 
"fs Is? • h = /U0>*t? I WF flStefrftttftfiffrej 

*^#W0>«*0>*— , fxy^ • sK^f^f 1 ^ is?<nm 
[0229] sv>i:d- 5: v^^fMeSTJeAy-ev^sftHS 

> K • y^fA^^^^-A • ^ y h V — 9 frh 1 o<£> 
7*—V is • h!7 — * |:n-AfS«^ t«*s/ 

K • y^rAlc^tSt- tf 

[0 2 3 0] * — M • • h y (D^M(D 

tztfXDV 7 b f^TIS, y^fAflf«tt^77 
^ . ^l — if . ^ — ^ji — ^ (GUI) XCD 

HDDv^^^yh^ — 7^ — 7&mi&-i-£> Z t 
a*#*LV\, r^GUi^rftoT, y^rAflffiH 

5o r^GUlIt p — ^ >'?<Dmffo\zm<$\<'*XV 
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h^Mff^ntf-r^fc^i^^^-y h?-^ 
[0231] 7*— y >- • F7^v.fvi/ny (f 

DD) te:* — J* • K^-f > • 7^ h y <7>®<D«£tg£ 

y ^ • *v M7— ^StBeu t-tr^ttv^s iwf 
10 k* — a 1 WFOffll: l 06O h >^/u^^^ci-^^:fe 

-7t^y>*WwM(?)^, 7^ — AIWF-t- tf 
^LTV^5 I WF60 h ^^7UCD33 l/~7 ^tzl *>g > 

I^t^S^^*^ LV^ 0 F D D li P — ALTl^ 

^ [0 2 3 2] Jk<0«*iSFDDfClfrj|ft*n6 0 

1 . 7 Or— y >^ • V^^C^^j : ^co^^— /U KI4> 

o 

[0 2 3 3 ] 2. ^(D8$^(7D^~ friXtt^^— y > 

^ [0 2 3 4] 3. xfr — A IWF - f-t'XLTt^ IW 
F fflCD h y • ^P h ^/KO/v > — ^ : 

>f — Kfi^ — A I WF tr* LT^5 I WF t(D 

^^mt^ti^o *'hco#>3\ ^(7)^^— Ktt*tffl"f* 
hV^y is? • ^P h^yKD^^y, ^j:t/h>^y > 

fi, Z.(D7 ^ Kte hv^y >^ • ^p 2T 

— J* I WF tcora^L 2 T P b V^/^fMt5f:feC 

[ 0 2 3 5 ] 4. T# • i^— ^<Z>Migtt 
It : Z-<D7 4— )V Kfi, I WF^xy K • v-^^^^ft 

>^ . bn/KO^ffl (/c^ Xjt\ RAD IUS) , 

PtK— h#-^-coi: 5 ^^wr^^yr>fy^ • ^p h 3 

/^t-H^COiiJP^^N^^ — R a d i u s COT # 

• ^p h 1 wF^ftt?*tttttf>fc^ 
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[0236] >^(Dmm^Ay^^mm 

ft, JSiWSft^n-fe^Sr^T-rSfcfet-ttfoixao ^ 
V K • A^s-^^/Jn — A • h 17 — ^^b7t- 

y >- • h 17 — — -^CD* — A-^> 

[0 2 3 7] :7;*- — y ^ • h7>f>"f^^MJtI 
y^h^rte, ^rAfIf»U^77^;u 
- a.— if • >f l/# — y ai — J* (GUI) ^-^WFDD 
■v*^ >- h • >f i'* — 7x- ^$rtift-r^> c ^(7)GU 

Sr***3«tWlE*"*"«wi:AS-e#S a :wGUIIi, p 

ftt^;*- — y >-**l&^ y h y — ^ • tf^ • 

[0 2 3 8 ] -O^ — *y h • U— fcr* • 7 P n/M^(7) 

r-ri/^Mi (ispd) ttinA#fls-t<0*s> hv — ? 

^i^i sp^gitt^flt^tfei^ tJn — a i 
WFi:J:ot^ix^ 0 «-JU0A#ic:WLT, JtlA#^-f 
t/^ hy i-te^coJPA^co I S Pd^tS 1 oc7)^^ h 

or, iPA#Kttfc>oT I SPl:#t83*^^ay«: 
[0239] ^7h!7-^ • T — ^rX^-Wln — ^ > 

• ^D^^lt(DD-> >^^60 

■fey FT^^t^ h Lfcttfttf ~ tU2 2 

oco-<^ -f-fcfrfe, (i) tr* • 7 p a^y 

(2) br^ • zfw<4 yF$x*<Dn&m&<Dm%.%m 

[0 2 4 0] JUA#3&S-f >-* — * s/ h • tr* • 
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^-Y^ i SPOPP P+h— s< (-ttefrh, PPP, L 2 
TPfciMa d i u s <Df£k*<DMRmm(D7'x2 hrs/U 

I S p©r^t^(^t5f>f h y 0>JE£r*5J; 
[0 2 4 1 ] u — ^ ^^C0^^^2oCD^Hi^— If* • 

^««B*f-#— h-T^fcftic, -tti-eix©^— A*3J:t/ 
y >co K^-T v • t 2 -f h y ^MfrLftttfttf 

Tly*— y F7^V'fV^^ hy &mtf>Z>tctb<D 

Wkdu— tr* • / M j; o r f i-efif fo 

^ tt^o *^-Afc«tr;7^-y y© h7^^ • 

[0 2 4 2] ffi^JS^ffim^tt, ^f^M^ 
-tZtcbb, *5iit>\ I S PiSn— * V^(7)B8«SraitiW 

[0 2 4 3] ^/JnCO^^, ^y • T-^rf^ 

^ [0 2 4 4] <fe^jtJIS»llS^*3V^Ttt, >fy^yb 

^A(c*f-rs^^fflf#«r I S P^tT9 - fcj&s-e#6 <fc 

[0 2 4 5 ] y^s^T A • V7I> ^znTfi^ — A IWFt 
I SPtfcW^h^*^ hcOP P P a>M ML 

2TPW-Fn^iaoT, ISP^^y 
^^<— h »>fyh7^s/ Hc*t-t-ST^"fe^Sr*3iK— h 
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^hyfi. Ztlb<D b >*/^&±J&-fZ>fz#)t- IWFC 
^9t^f b • trx • 

So if* • -fn*4?h4>9—*y b • 

t 5 1 o|i>f >9—*y b • if* - ^n/M 
J;otii|W^^\ anA#tf* I s p fc&ilH-— tr* 

[0 2 4 6] Z<DisX?rJ*te, M7 — 9^M^M 

ryy *>g vte^:/ • y^ r>ifc7) h ^/(^v^ 
fi-kffi i-^f-r £ ^ v h <E>® f ( 

So 

[0 2 4 7] ±{iL"</KZ) S NMP^-^tCIl S 

NMP <D b 7 y^Srft* — A^HB^iiftSn 

[0 2 4 8] * y m?— *rt-e«t, *st«:fcj:tMifc*w 

*y YV'—9^;M<D i gmti*, SNMP/p h^/^W 

fi^r^y >5r— v-a y • 7*?? ^ i,? . >r y*— y 

^fapi *r«or*-y by-t^mmm&mn-t 

5 0 
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[0 2 4 9] T^f^f-yWlcit g|^^y|> 
f&l ©JfloaWBJISItt, =i ^r^. y • x — 

9 ■ s<—7^—^>^ • 7*— 9 ' ^=-93o£Xf 

^—y^y *y Lfc»-g\ ^(Dmm^^-^^tm 

[0250] mmm<n*¥<r>m%k'^ (wh) am 
fi, tst-t^-yp/^^ (wsp) fccfco-cjfftr 

c7>y y^, >fyh7*yF, Sfcl*>f >>9—*y h^0V^ 
ftlMSSLT^WSP^lgit^ (rs) 

LTSHttsjx-ci^So wsp©aft*w<^ awn. 
<&%m<n4 >9~7^—xmm&nn-tz>tzib\z7 3 u± 

«^ttrv^5^s«*v\ am, r*^7^m 

J90)7*-9 • iry^— #ffi(7)^— ^*5«t 

rfftLvy y b *}*.r • ^e-v^— /^^^^ Ftsi o^fc 

li i s po^y h7*y hWLtlHiSSns, — 
y yws p^y h !7 — ^^B^nTv^aSk*— ^tt 
7^~y>aft*— (frs) ^^m, ^ttxy 

y*—\?x&z.zx*mA-tz>) ^i^nti/^aftf-^ 

Ji^ — (HRS) tWJiSo 3^ — A • ^ 

^IWFfcPftfn, — *\ 7^-Uy-^7F7-^ 
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s i wf tm-itiZo 

[0 2 5 i] mfeMtomfcv—trx ^kl- 

-CV^ftV^V K • v'X-^A) <£>«rg\ x>K' V^fA 
Sif— If*) , fcSVMi^*— y >- • h^-^^b 
-^±©t-tr^i:»Lt!ftt5r tasT*#s 0 ^> 

loa^fcHt-s c t So 

[025 2] Tfc — jUlZl/^&zi^' K • ^^rA(7)I^ (0 
2 3) , h!7 — ^JpoSft (P-*/Hg4^) tt 

k • ^fA^r^p p P7L/-Aiiii^y^gi 

H£ 0 ^> K • .MCfcSiS^, ^(D/fc — 

AIWF^XTunnel/pf LT^c^M 

*^:/fcSttsnSo 

[0 2 5 3 ] P — ^ >y<Di$My— tT^ (EI 2 4) CD* 

m^—^n^cn^^ K • *>*-7-A«r»BELTS«"*"S;fc 

^te 1 o<7>U— tr* Itl^IWF SrM 9 ST, 
tltl - XTunne 1 7P h^/K^n^^Va V 
#S ^O/Jn-A I WF 1 LTV^S I WF ^ »Pfl 

— fcT^ LTV^ I WFttJftlft^^i: * — A I WF £ cop^ 
T*7U-A^t(j|t5o ^£D*-AIWF^^ N ^(Dm 
C I WF<7)*fcK4LT^S^te«:<E>S>S P P PIT— '< 
(-Tftfc*), *K>f > h • — • sK^f ^ h • ^P h^/U . 

•fr- \z.ttLX7 i —*&mig S4xSo L^U -?rco^ 
-^^|j>i#WPP P^-'*&rax.-^S£*<7M > 
h7*y I SP^yh7^y MigbtiSl 

£\ ^^f-^liL2TP7 P a h3;>^gSLt^P 

PPf-/<(^tT^f$ti^o ^<om<o^— ^(1 ii 
— h • -fr— IT* • 7 s n^^J;ot^^ti, SI 

MACHco^gUL MACl*5«t^s/ M7-^iWS 
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[0 2 5 4] SfSI* 3 0^)7- X/uSr-fe y h T y Xf 

S Q 7-7>l {±&T?±X • M-nsiiwtfbft 

T*50, 7 s — ^/H tt#3*^^3 ^ (fctx.fl 
^K-v^^A) =i^^v-3^ID (C I D) fdJ: 

^e-r^ (wm) orK^ (i-tet>'h. zh^k-v-^^ 
^~:7Vu2(±#m;»^:/ (wh) tmmttrtbthxte 

tlt7- 2 = v's ^ I DSr*fj£UT 
XTunne 1 (D I D (XID) t BB3tf+tf So X 

^3 «#>f v* — p-^i^HrtB (iwf) KBflaWtt 

£0 Tunne l(DID|5j;{;iP^-F (IP/por 
t) icBBig^ttSo -nk^T-— ^KZ>fc«)<oeS6*4x 
S^^hy^ti, elf y^-Ytfa^RWS:**— h"f-S 

fi, *nK^J-*»fenSiK*35SfcSl:ilftffi07-< — 
^ KfcfcSo 
[0 2 5 5 ] 



30 



40 



50 
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C I D 


WM 


C 1 


WM 1 


C 2 


WM 1 


C 3 


WM 2 



£2 : WHK&frt^Zi^v'a > • 



C I D 


WM 


AP 


X I D 


C 1 


WM 1 


AP 1 


5 . 


C 2 


WM 1 


AP 1 


5 


C 1 


WM 2 


AP 1 


6 


C 1 


WM 3 


AP 2 


7 



S3 



C I D 


WM 


WH 


X I D 


IP/Port 


C 1 


WM1 


WH 1 


5 


IP1/P1 


C 2 


WM 1 


WH 1 


5 i 


IP1/P2 


C 1 


WM 2 


WH 1 


6 


IP2/P3 


C 1 


WM 3 


WH 1 


7 


1P3/PI 


C 5 


WM 5 


WH 2 


8 


IP4/PI 



[0 2 5 6] p — J* LTl^5^~ if il^fC, *yYV 

TW^) K • ^^rAl:J;oTl8©^ >^ — ^ 
y h • 7 ^ir^^fc^i-ftfrti^^P h 3^ • X? y? 

iwf j»^^iPli:»3ffc«^ixrv^5) k 

M:*tLttiBt5o 0 2 6 13*— ^^V^^,^^ 
*y htfclil SP) f£7*i?;*^5fc&f£{£;bft3:7 p 

^ i wf mm^tm^nmzmm 

&mLX%L±M<Dj>> hy*y NSfctt I S p 

J;otI»l:>fy^^y Her ^i?*-T6fc#>f;:Ggfc> 

U ^o* — A i WFfi I p/u— ^ ^Mt^ y-fe— ^ 
Sr^iKH- 5 □ g|2 7 djfcs^T, ^yt-^Fn^^ 
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^/^-A I WF^^f - ITV^ I WF (»» 
^ic91c^tbfcV\ 02 8 fin— ALTV^S^ 
A^fcte^ftLTV^^:/ K • ^rAiaotU ^e — 
ISP) \z.T ?±x-fZ>titbtz.i&t>tlZ>7'r* h^/u • ^ 
^-AIWF (il^ii, /ft — A • *y h!7 — *<D#ft£ 
fct* I S PCDP P Plf — ^iCcpSKSaxSo HI 2 8 i^V^ 

&S) *if(OJ:5t-5iia+SAMc«*5n*:V\ if- tr 
^LTV^ I WF ^JzU^Jft'^riS^^fc: 8 ^ — ?(Dmz 
*x hi^#LTV^^ fc£V^f3:|^ — ^{c 

^ A^tltV^ t g\ -t<Z>*— tf* Lt^S I W 
F t«Hj8l^^t(DPfl{c:XTu n n e 1 ~fu h:n,u£{$ 0 
fc h ^^*RSf*"S^*W:ftv\ 
itf [0 2 5 7] mfeO^o • 

Fic^v^rr*fi*< , W$k^~f\z.i$\^x $ — V £ 

fo«*Lfc»Bfff-*a»^ h£r, IWFi 

^ftS^tfe^feSiS^ RLP/nhp;^i»^ 

fc 5 1 0<Z>*»JKf*&j|fc^:/fc i WF k<Dffl<nXTu n 
^ n e 1 ^UDP/ I P(D b y h tlZ V ^ fc 

<7)-efcSo XT u n n e 1 13:7 I— ^ • JJ U — / ATM 
oyy^iS:ftor»it5ri^#Sc Lj&>U u 
DP/I P^9:^:ioT, tl^iOMWF 

[0 2 5 8 ] Sfef^ PPP/pM«|^tA[: 

-eio*fcfi-tixK±<o^> K • ^T^C^-LtM 
40 J; 5 ic, Mlft^x^ 3 0 0iipppya h ^/Hf#^S 

ft ^(O P P P^ U - K W - t^ 5/ h • 7 

2gftt'M< i fc l o©x> K">^fA3 0 4^J; 
[0 2 5 9 ] XWD MAC&%y f> ±/Hk'i~Z)tz}sbl£r) 

—V-^y b • 7 1— AW7t— h^>|Kl3 0(-^$t^ 
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-afro S3t7F^W7^^K(t ^y^TV^i^ 
C7V Z<D7j — fV Kil <£>M AC ^ 

!7 l/-A^|j;XWD_C o n t r o 1 9 , -T"— 
^ • -7 L/-^(7)^(iXWD_D a t a^feSo 
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[0 2 6 0] ftcM, -Y — **5> h • 7 U-ACiHWD 

S: 1 6 tf y h tfSr irdS-e*. ■* LT XWDCDfiJW^ 

tC*S*bTV*5 0 r<7>>f— iM^ h • 7U — J^h^v b 
^t;V • ^s>£\ P P P^^^f P — K • 7 J — ^K*5J:T>* 
it? XWD(DMAC7^-;UKS:^-ev^e Y-t^yh 

o^^ir/wb^ffio-rv^^y ^ y^-ts^ 

[0 2 6 1 ] 

[^2 _ 





my n 






XWD MAC0 










7*'J5rO* 


MJMscobver. Req 




MACi-tf' 


XWD.Control 


0 














MAC7* DA* 








MJMscobver. Cnf 


MACa-f 


MAC7" DA' 19 


XWD_Controi 


I 


M_0penSap. Req 


MAC7" nft' 19' 


MACi-f 


XWD_Conirol 


2 


M_0penSap. Cnf 


MACi-f 


MAC7' DA' 19 


XWD_Control 


3 


ILCloseSap. Req 


MAcr da' ir 


MACa-r 


XfD_Control 


4 


M_CloseSap. Cnf 


MACl-lT 


MAC 7" DA' 


XfD_ConlroI 


5 


M_EchoSap. Req 




MAC 7* DA' 19 


XWD_CoiUrol 


8 


OchoSap. Cnf 


MAcr da* ir 


maci r 


XWD_Control 


7 


M_Connect. Req 


MAC 7* DA' if 


MACl-r (x> 


XWD.Control 


8 




(tf • m) 








M_Connect, Ind 




MAC7" DA* -f 


XWD_Control 


9 






(APW) 






M_Connect. Rsp 


MAC?* DA' 




XWD^Control 


10 




(AFtI) 


(IIA7* II) 






M_Cutinect. Cnf 


HACl f (I>K 


MAC7" DA' 19' 


XWD^Control 


11 












MJDisconnecL Req 


MAC 7" DA* <r 


MACl-r 


XlfD_Control 


12 



[0 2 6 2] ^{-t#0iJf-:£l^T, P PP^n h 

p^;i/'xyr^yH7-^ (LAN) ^*<**n 

0 Ji«BHe7 f A 3 5 2 ^|iLtPPPyp hn/Ht# 
^Sif-T^o ^-^ 3 5 4 i»I^r A 3 5 2 P P 
PffifRSrSftU ^^PPPfft^, LANyy^36 
2lSt^VK'^ri^ 3 5 6, 3 5 8, 3 6 0^3 



[0 2 6 3] 4iit7)^y Kt7 • !l tdS»4t5 
RT*Bttas*>l9, -tttfett, (i) p— • -=eif 
^ s (ii) -^>T ^ p • j ei^yr>f, (iii) ^ 9 n • 
t^f^ *3 J: ( i v ) ^ p — ✓ w • tr y r- >r t 

Ji^itStt-f, *-Alit-^j:{;isp©ppp 
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YX, I SP(7)PPPtw<|i^tt5Rl|6tt^fc5 0 L 
[0 2 6 4] «|g£;fxTV^6 I ETFOT^;W I P <D 

>rT - $rzf • T Ku*Srifti£U K • v^^i* 

i£*fbT h7 t s/^^aS« ZtiZk, — A • 
V Mi^:x K • v^^i^fa/^oTi^ h 9 t s> ^ 
*na**— * - M£PJ*bfcBSU:*ffii9 U ft 

ici^eco h 7 t y * Sr-^tf^r • Or? • r K^i:»it 

6o K • i/*7-J*<T>*7 V >- • Mi-t 

atfSLTV^S*;* h (CH) (yu- h*jg{fc*;/>'a V 
[0 2 6 5] «3g£*bTl^£ I E T F(D^ry<4^ I PtI 

M(^t^) ^Ty^8J;W^7 try con 

m*m&ir*z.ktm\*^z-b&&frz>o b^u 
w^Rtawft^try x^fl c 3att-t<D«t 5fcB««:*je-*- 

w*#*«p«^»-&«> *y bv—*m<ow&m*ftt> 

Sih/Tl^S^'W ^ I P^*i-:^T&;frnTl^:7 7 

jyHSili»4 5, ifcCPDP (t;U7--f^^ 
*5v>rfi&*?tt-ci>s, tr* Lti/^/r — co-r 

[0 2 6 6] 03 3|:^*ntV^SJ;5l-, u — 
ff b^APa>fc&#U^:/0>A*«:3:«U -^bT^cDfr 
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[0 2 6 7] IrlV^AP (-ttefr-b, ^(D^-ly K • 
a >- • ^ — ^/Hc*f LV^>- b y — Sr£jSU 
• try co^v K^-^i^*5V>Tfi, asJI'^te^k; 

C l/ y </KOlJ|g$:'C^)5 t bTf&|fl;b N e^tf^** 
v/a >- • -r— :?Vw£r, -tcoffUV^AP^St-rs^^^^ 

hy— srm»i-«o m<DAPtm(D^^ b v -zwrn-t 

5:i:m5*ft^M<i;t3ofc5 B ^t^ii, 
(i) ^AT^hBf, (ii) SffLV^AP^e>#Si»/N^ 

. ^ o/ir — , (iii) ^r(7)3i^hy-^ 
^ [0 2 6 8] 4i£^£tLTl^ £ 5^, ^-f • 

^■try K^-^ttiP] ^tcjRLxv^ 

i wFiaott- tr^sn#a*ij|»^^iB"e^)3i 

©#»S:»5o ^^«tV^«^7>^ (#f 
LV^AP €ril IT) Srff^n^^, xy K 

^{f-T^o ^^DS»S*^i»fbV^AP^ib*fLV^te«|^^ 

30 [0 2 6 9 ] Wctf(D IWF^^/:Si^:^fKt5 
i:, S®t-^«#(7)IWF^^t6t^{:ff^ti 
fcXTu n n e 1 ^ir-^^i^ff L, ffbV^lft 

A^LtXTunne 1 Srf^S 0 ^OfL 
^Ili^Sfi^^^affWXT u n n e 1 2rfi&SH-3 
^ ^UE?¥(7) I WF {Z.m&'tZ)tz£><DXT u n n e UR 

T u n n e 1 3/ -fe — Sr 1 1<D * y^ — i>(D^\Z. 

tT^ LTV^S I WFlfcli^^A I WFW^ftlt) 

[0 2 7 0] t^WXTu n n e 1 f^dKJ£«F*5«t 
(OXTunne 1 «*JS«S:Sft i: , 

^co^x b v >^ t^-^iiJ^"^ - § i N if bv>^/N^ 

CfcS^^^i/a > • y^^^coSf bv^AP^^f-T 

50 is 3 >- • 7 1 — ^US:M«f b, ^i^JS^^rnv K • 
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[0271] &mv-'<tem<Dmm^y^Mvxmi&* 

*5j;l*MAC:7^u* • T KI/^ • x — ://i'*3«fctfflfr<0 
[0 2 7 2] g|3 5K*Stl"CV^6«t 5 t-> ^ n • * 

try x-r 60^> K^^^4&^, 7t-yy-^yhy- 

9o JPfLV^H^^fo (frbl^AP^iiLT) ^*3fiS 
§ff£;ft6£, K -i V^-MajPrbV^y h!7-^ 

bTi£{f-r& 0 *<D«»K#tt«bl*APj&>fc*rb^*6 

[0 2 7 3 ] aiV K • V.x^i^m?£<^ 

y h!7 — *{£gfJRbT^*^£ g\ 

a~ y ^aftt-^ii7t-y >-f^^Fy • 

(£>M (Radius <DT (RA^t) ri5£f 

7*1/7-47-4 ^LtM4 I tr^L 

(Radius £>T*i?;*g# (RA^) T*fe5 - t 

M£rfci£U tO|fL<l«SnfcIWFl:o^r* 

[0 2 7 4] 7^ — y<tt3^— Ar>f h V ■ 

'<K:*tbT 1 ocOM^ (Radius(D7n^^ 
* (RAM) -C*)4Ci:j6504bvO irttniia 
or, *<z>»«k**«rBBE-rs. ^<7>M£f&flEU BE 
#cd*-a 1 WFdS**Tfltx.5-4:Srfti5i:, 

^tt*(D*f L < M St — tf * Ltt^ 

I WFi^^tLTffLV^ I - XTu n n e 1 &ft%> £ 0 \Z 
7fr—J» 1 WFMif^U * LTmj^if— tf^ Lti^ 1 

WFC^tLTffSLtl^ I - XT u n n e 1 
5 ct 9i-lt^-r6o #3£<0 I - XTu n n e 1 ffr&iS^ 
^tf-ft^tf) I - XT u n n e 1 «*Jft4f «r*~ A I W 
FA>&gfcfrt-5i:, ^r±*»S*Sr7* 

— y yitf-^i^LTMt^c 

[0 2 7 5] Si:, :7*~y va»^~'<t±^0)#rb^ 
il^W^XTunne 1 £rfE 5 «fc 5 * 0>*T b < 
#J«9 St <b*l*: I WF}:it^-rS 0 NTaE^XT u n n e 

«j»^^tC*r-fS X T u n n e 1 SrWUf-f-S <t 5 , 
IWFi:tg^t^) 0 W^cOXTunne 1 (Dffr&I^^fS 
J:^fS^XTunne litJSmffn^ 
-y vagt- ^IMMWS^Sr^^ K • ^rAC^tL 

-ciSfflr-j-a. 
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[0 2 7 6] K«UK#*«fbv^»^^fcil#-*-*k, 
■t<o*fbv^i|»^^{j:*>S3*^->3 v • 5 s — ^a** 

[0 2 7 7] »ft*w^tt8J«>*j|*^^l=:»bTl|iaC7« 

70 m<DmfflL/^fc&tt<D=**? is 3 V • 7- — 

UMACy 4 • T K \s7 ' 7"— T/A'SrHfrU 4 
fc, 8uOAP^B"f^«lft^^^^> y-fe — ^SrgWbfc 
i^MAC7^/^ • T Kl/^ • "T — ^SUteXtf 

[0 2 7 8] ^n-A;u • ^ h°!i Kt7(Df 

fe5o i 3 6 li/^-A I WF ft L^V^(0/p- 

fr — A I WF^ttt5i^^)^D-/<;l/ '^etlr^ 

!7 — ^<O^CO»fbt^j»^^b GWbl^APfcMC 

y v«»*— ^^*tbTiS«-rSo *:<£>ssb#: 
izm bv^AP^&*f bv^*si»^^*jttsn'r*f bv^ 

[0 2 7 9 ] KflMJ— ^f*, m V K • ^^fAM4^) 

• if— ^ (*S©>f^c2— • ^-^(Di: ott) \zML 
T, 1 00^* (Radius (7)T ^ir^^* (RAf 

A^S^f— ^<DT^f >7*4 7-4 ^*i6> ^LtlocT) 

919 ST, *U1 o^^* (Rad i us^T^tX 
M (RAM) -C*>SCi:dS#*bV0 SriibT, ^ 

[0 2 8 0] zfr — i^^^f— y^f±7^ — Af> h y • 
ih— ^l:*tLt, low^t (Ra d i u sCOT^t^ 
M (RAM) -efcSrtiSffSU^) SrffiKtl: 
.toT, *<D»«*#*MK-*-*o ^^^*^^>fiEb, 

I WF*s**:ttx.S ^ k&toZk (B3 
6) , ^ — ^»»lf— ^<fi*<oSfrbt^S»*— 
Tffb<ffj«9 ST ^tL/cif— LTV^5 1 WF(^t 
bV^ I - XT u n n e i £f^5 J; 5 , ^ — A I WF 

5^ lit-/^:MbCIi)i?^> ^ir-^^r^iUff U 
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— h** LT^5 I WFlC*]~r3gE#0 I -XTunne 
l£«S£-r6J;5, ^lWFl:}|$t6o I 
-XTunne 1 f^fiRj£»*3 £ U*#j£tf> I - XT u n n 
e 1 W*JS4ff«:# — A I WF^feSfltS fc, 

[0 2 8 1 ] #cl^ *L^7t- y >ISt- /^i^rCO 
fLV^i/N^fSXTu n n e 1 ZftZX. 5, * 

unne 1 f^*JS#*g« + 5 £ , 

BUS****? L I y K PJ^-T S i * off L v ^S^n 

5*(03^^->3 vS:S!*'r5«t 5^3E*SlxSo *fL 

|^MAC7><;1/^ • T • f-^ii;^^ 

[0 2 8 2] m(V7*~V >>&my—s<fcffi<nmi&'^ 

C»t5XTunne lS:»*tS«t5, i^IWFC 
}|/Tt5o tS^XTunne l«a§S*SrS»lfci: 
fcS^liXTunne 1 <Z)fiftSHg# t I^Rfi-, W)<D 

AC7^;^ • T KU* • x — ^/USrMSrL, -^LTftfj 
WAPfiBftw&ilfc^^&y* y-tr — S?«rg«Lfc«, § 

[0 2 8 3] ftfrflfc, Alff- LI ^:7* 

AIWF«x.4VC^Slofc| (13 7) N * — .A 

p-fr— s< (fctx.ii, 88I*£*lti^5 I sp^y 
s/^PPPtw<) ^*t"T5*r LV^w^i^tf) h>-^ 

. h • h (L 2 T P h 

£5, ^^ff Ll^ — A I WFfCfg^-T-5 G Jfcti:, * — 
ASSt-^l«©L 2 T P h V^/U • F7ty^ Sr£f 
Lv^-AiWF(:*fLT|5^tSJ;5, ftjco i wfc 

[0 2 8 4] Algf- Li ^ 7 a~ y 

tV^5I WF^-r^frL^ I -XTunne 1 Srf^S 

y yiSt-^i^Ltlg:^ 
CD;* y-fe — ^SrfcSlft L, J tLTflJ(7)7t ta -yy *^5/ 
hy — ^coiJE#oi^— LTV^5 I WFicfct-^SKff 

O I -XTunne 1 <fc b , ^AIWFC 

«*t5o I -XTunne l ffrifcjS«*5«fct/# 
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^CO I -XTunne 1 tlJSt^^--^ I WF?i^§: 

[0 2 8 5] JfcK, ffbV^^— y Vlgf-z^i^iZ) 
SfLl>I»/^i^f5XTu n n e 1 «rf£5J: 5, 
(7)»fL.<9I l 9 StWc I WFKJg*-t"S„ f^XT 
unnelW^ft^^ ^-y^SSf"- 

Ll* A PttftLV^i*^ y-fe— ^SrSfB Ufc 

g^MAC7>r;^ • r ku^ • f-T'/^it/ 
[0 2 8 6] m<D7*— y yggf- ^i^coMII^ 

KStSXTu n n e 1 £55^3 £ 5 , ffJCO I WFC 
ft^XT unne 1 tt«JE&#«rSfll Lfc <^ 
fc^l/^IHTunne 1 <Ojft^§g#: £ |rI&3H£, fijO 

i^Si^^i^a^^v 3 > • x— "TVi^J^M 
AC7^/^ • r KU* • x— ^/u^rJEff * LTSu 

[0 2 8 7] ^SW^fAl^otflfSSilfcxy 
K • v-^xA^, g^^ttrv^^ I E TF^q;v I P 

30 ^Ltsigstirv>5 I ETF^/M/H Pi¥ 

^>XfAiIETF^/MMP (RFC 200 

[0 2 8 8 ] (i) ^aWeoix^^AiiHsestLTi^ 
I ETF^W^ I Pf$^t(Dj; 5 5y MflatT* 

40 &Mfcftt>ftte\<\ -7>f^P -^tf!Jf^li|fLV^XT 
u n n e 1 COir ^ hT 7 7 P ^ffi#WXT u n n e 1 <Dffi. 

m*i¥o ?u—s<ji> . ^ryr^(if/hP^ ^fbv^ i x 

Tu n n e 1 <D^ y YT y^f '£UE#C0 I XTu n n e 1 
^flS*t«:, XTunnelCtyhryT'/Ulill 
giJKfM?£i-5o ^c— -=tlfy ^>fl4*fL 

V ^ L 2 T P h ^^/U(D± y bTy^iS&Xfs Wc^<D L 2 
TP h V^/U*»fc*f LV^L 2 T P h ^^/U^CDL 2 T P 

[0 2 8 9] (ii) **IJ|fc*3l^TB\ 1 o^)a-f * 
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[0 2 9 0] (iii) *3SWI^*5l^Ttt> »»*3J:W/u 

I PflRiPlKfcl^-Ctt, /t; — A • — v'xy MCefcoTH 
fr^tt, ^ttf^^tiri^ I ETFW^ I P« 

ta— 7^ :/^^#Ete^— A&cfct/^— y ><o i w 

[ 0 2 9 1 ] ( i v) #5^0)^;* 7" -MSP PPtyi/ 
3 ^S^0^3o(D h^/^S:?IJfflt*So XTunne 

i ^i^^:/^— tr* Ltv^s i WF£<z>ffi]£>y >^ 

BO h >^U£*±<£>fc<7)-efc5 0 t^t^Ltl^ IW 
F i: J* I WF t^M^ I -XTunne 1 «\ 
£*lTV>6 I ETF^/P I PtJf*(D^(7)* — A • m 
— v^V h^^^— y V • rc— v^v h^oPflco h >^ 

t><I;tTV^5 0 L2TPh^W"AIWF^PP 

So 

[ 0 2 9 2] (v) #$89ilz:*5^TM:, iHSftttPP 
Pi? >-dSBB*&SixSW^«*L, — Sfg£n 

tt^ I ETF^M/V I Pl¥(:^l/^i^ PPPt 
[0 2 9 3 ] ( v i ) **WlCi3t^T*i, x-^/iV h 

oy >^_Lfctt&< % «t*£ftTV^ I ETF^e 

^<D^> K • i/Zs^r&ifi? V > • x.— > > h [i! 
SECT) y y^^tLTV^^^ ir£lcBfei-5 1 COTTL^t 

iott^^^xy hO^fi, £ tiTl I ETF 

*es<>( ?v i pgtp^t^J: 5 ft i CMP^-^w^ 
[0 2 9 4] *389!0>3L>' K • ^^rAfix-^xy h 
jo^txy K • v^x-Ari^ SSBStirv^S I ETF^e 
i-£fc#, ^nfi^— v 5 ^ V hcD^^^Bti"6^T*# 
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> h^5»*^n- K*** hi-£ 0 

[0 2 9 5] *3SMJC*5l/^r«, M7 — ^ . &s<]s 

-^dSJtSeStbTV^ I ETF^W;H PtP^f^ 

J:5J-i-6^fcd s "e**o i-^xy KO^*SrgfSi" 

— Lfc^oT, KHi-Sfcfe^tt*0#|f9 

[0 2 9 6] J§3B£;ft,-CV^5 I ETF^/H P^R3p 
Srt#- h LTV^^ y h y-^^»^, PPPtr> 
3y«^;vi P^lg^iCII^^^ PPPt- 
^tt-t60«t 5&-*s> h V — 2Xcte\^X\%y* — y ^ • x: 

«?(Hr*3V^Ttt, SNAP^yW8S«)^7^«) 
£0 MAC7U^(Dti:P P P7l/-AS:*7 p t;Wk:t5 

£>f — !J"*3> hco^^ir/^f^^o^TO^^OP PP7 
rAiDxy K • V^r^^i^^P PPt°7(j;7i— 

y > • m — v?iy — h(D^^jSfSL*W 

[0 2 9 7 ] H^£tLT^5 I ETF^M^I P»? 
^ £rt^— hLTV^xy K- v-^ti^^^^o^-ry 

t^J: 5&^'M/W*4>&< t tMACi^SSi 
^®7t-7y h^r, S3g^ttTV^S^e^>f /n PS* 

Tfi&tg-cnj- s/"fe— ^ttdSfeSiXTl^S I ETF^/^^ 
^ I P«flt<Z5Sft»**3«tr^jJ:«: ( 7)^ yfe— S^i:flar*5>3 

(MS4«*Lt) s ^pj<D>>*^A<7)^fcry t- 

[0 2 9 8] ^i^^t^TV^^ I ETF^M/H PS* 
^r-y-^— h LTV^^V K • v'^x^ti, PPPty^ 
a^M/H P<©S*©«r^W*6Six*wi:Sr»!# 

y©«iliMACl©It(Z)i N PPP©LC 
50 P, NCP^yfS:»RLte*5o 
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[0 2 9 9] K*7<0|BlC h9t 

^-r ^ • \??*— • y w ^ta&i-s-^Tv^o P 

[0 3 0 0] v^^n. ^t"!Jr^|^ gfbl^H 

/N^lcBB-t"5it*tt*— tr^ Lt^s i wf irSfr^wH 

^Ht^ft^WXTu n n e 1 ^ s>-fe — 

"t^LTt^ I WF^bXTu n n e 1 s>-fe — 

id, I WFiifc^RL PJifi-tn*'C(wffif^M**^^^ 

[0 3 0 1 ] l^ftl:, I WFttW«*ii»^^»L-cai 
ft SftfcAfrtfV^y htf>^ft<D^f^—>$r 
£p3 0 l^ot, I WFttftLVvfrtfV^s/ h**fL 

t^^y h^sn^t^t^Sc rlpims 
ntt^o * 2 (Mr^imii^N^sv^cEaa 

[0302] ^ p ^hlr^ E>«-n\ fijcoih— bf^ 

5 0 ?T9ifrgtf s #>£<7)i3\ I XT u n n e 1 <DffiM* y 
± — i?<D$*~?fgi LV^~ fcf-XLTV^ I WFl^LTff 

fett, -^^tt^^BUOf— If* LTV^ I WF^ffifr<£> 
■Ctt*<, *L^1f— fcT* LT^S I WFfcWLT*:* 
LT^S^-jry b^* — IWF#6St5J: 5t-£-£ 
6*"jfe-CfcSo £^5<£>J3u I WFtefljCD^— tf 

^LTV^ I WFtc cfcoTftiST* y i^Sttfc I X 
Tu n n e 1 CD v— # J:!^^ — J* IWFCJ; 

otid^iltSfiWIXTunne l^)'>^y^S 

[0 3 0 3] ^> \?*y<D?fm<n h7fc ^^(D^^Sr* 
/Hfc-TSr fc36S"C#S J: 5 K> lo^^/q;K AP, 

5 arfens^t^arfi^i-s^isfett, ap, asm^ 
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t7ffi^ j eoxy k • ^t 1 ^^*^** soffit?*) 
5 0 ^(D^n^ iwf (DMB^y^m^APicML-xm 

b*^-ymc^t(D I WF<DmMs^<n%i LV>A 
PiC^LT^r^tL^Wcit^< ^)F7t ^teSIS 

[0 3 0 4] **W^*5V>T/u— h^ftig^SrlimrS 
fcfef^ ^> K • v-^^AJil*-— tr* LTV^ IWFH 
• fciS^P P Pi^-^<^r31^-r^o /U— h&gjgffcLft 

[0 3 0 5] ti^lll a~^rfru:*>5*— a • 

p-At5rfc^5, #^C7) I s P U 

t\ lf:^-AIWF (^^-— 3— ^ TfTi-fc^) Sriio 
X^m<D I S P^jH£fl3 0 
[0 3 0 6] #f£ Ll^ifcttU— h*^ ttl^ I WF 

(*»fc»>5) ^b#*(z> i s p\cjg.mzmm-rzzt 

•cfcSo t-^tri^iwFii^-^iwF^Bi 

I ETFWROAMOP S !7 — • ^/U— y" 

[0 3 0 7 ] b^^L, t-t^Ltl^IWFtt^i 
LTfii^PPPt-^ (fci:x.fi, #*co i sp) 

*^§:ff Lfci:#, ppp^^-y^ (fci:x.tf, I 
SP) ^j:^ K • v-^^-A^jKJBSSrS^T'V^d tSr*P 
40 5 0 y ^tt, t-t^LTV^ IWF 

^^-i^ I WF i ^©I^tltt^ P P P t-^ (fz 
t I S P) fciJ: 9 ifiv^c <ir ?r^S^ % y * 

— y tr^ Ltl^ I WFC^LT, 

■^c7)ftt^V^P P P^-^< (*-AIftf^|:»Lt 
ftfi^pp P*— ^fcJ:if^— A I wf fctt*ffl8W 
tci) L 2 T P h y*;>4rK4t 5 <fc 5 5 n #ci-> 
7^-— y vSftt^tt^^^ K • v-^-r^^^-w-^ 

^itv^i wF^iovt-y >p p piaott- 

50 [0 3 0 8] ffi,C0HJ£^^joV^Ti±. 7t-^li 
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fc#. tr*LTl*S — * IWFJzOfflS 

Jxtv^PPPf-^ {tibx-ft, ^?m<n I SP) {^J: 

TV^ I WFtO-|f$&*5£tf/U- hfl>*iiffca*#* Ll^ 

UL2TP hV*/U*RSC-r*± tf* LTV^ 

I WFtcfg^-f-S 0 a«K*«:*»i-Si:, *-AS* 

[0 3 0 9] K • 3-— HfjJSn— - b&X 

i/gy^pF ayu (fct xJi\ IP, TCP/IP, 
L2TP, IEEE802. 3 if) tr*!-** 5#R8«rfT 

fef-, m&<nT?-tx • > b, T9-te*"^-f (i~ 
*fctt>f — !7-*^*Hi (I 

t#s 0 u^ot, ^a^r^-fer^ • aw > 

T ^ir^ • I WF^y hfcMM£<£>^>' K • 

^LTE'J^^T^i?^ • tK-T > b , T^ir* • 

nfc^fAwftso mrnmm \z & n z> £ je tf> ft * n# 

[0310] ^ -tL-cWWifelcJ: 

^m^mH(Dmnm(Dmm^mm^tix^^ 0 
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[0 i ] ^#£»*K»H«:ii cT0>a*n<a y h • r 

[02] ^Kia^S^^y h**?*— **IS:ilC 
Tco y ^e— b • T^ir* • ^f^f-y^Mit^ 

[0 3] P — ^ >?<Dis1-y t^LTV^02 C0^5/ 
70 [04] ^;K7)7^t^ • > h £lf;tTl^5£ 

[05] y^bor^-fe^. ^yh^fitv^I 

[06] y^t— h<z?r^-fe^ • *>f v hSrfliifc**ia 
om^ig-efc^ , y ^~ h^r^-t?;* • >- h<mK 

[07] i3)V(DT • 3#>f ^ hiC^f-T^^n h 

[0 8] &<WM**fllx.fcy hcor^i?^-^^> 
[09] mm&m%ffix.tcv h^r ^ir^ - 
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1 . Title of Invention 

POINT-TO-POINT PROTOCOL ENCAPSULATION IN ETHERNET FRAME 

2. Claims 



1 . A wireless data network comprising: 

a home network that includes a home mobile switching center, a wireless 
modem and at least one end system, wherein said wireless modem and said at least 
one end system are connected together via an ethernet link; and 

a PPP server, wherein PPP information sent from said PPP server for said at 
least one end system is encapsulated by the wireless modem in an ethernet frame and 
sent to said at least one end system via said ethernet link. 

2. The network according to claim 1, wherein PPP information from said 
at least one end system is sent to the wireless modem via the ethernet link and then 
trnasmitted from the wireless modem to the PPP server. 

3. The network according to claim 1 » wherein said home switching center 
includes a home inter-working function. 

4. The network according to claim 3, wherein PPP information from said 
PPP server is transmitted through the home inter-working function to the wireless 
modem, 

5. The network according to claim 4, wherein PPP information from said 
at least one end system is sent to the wireless modem via the ethernet link and then 
transmitted from the wireless modem to the PPP server through the home inter- 
working function. 
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3, Detailed Explanation of the Invention 
Background of the Invention 

Priority benefit of the October 14, 1997 filing date of provisional application 
serial number 60/061,915 is hereby claimed. 

Field of the Invention 

The present invention relates to a wireless data network, and more particularly 
to communicating with a Pier to Pier Protocol server in the wireless data network. 

Description Of Related Art 

FIG. I depicts three business entities, whose equipment, working together 
typically provide remote internet access to user computers 2 through user modems 4. 
User computers 2 and modems 4 constitute end systems. 

The first business entity is the telephone company (telco) that owns and 
operates the dial-up plain old telephone system (POTS) or integrated services data 
network (ISDN) network. The telco provides the media in the form of public 
switched telephone network (PSTN) 6 over which bits (or packets) can flow between 
users and the other two business entities. 

The second business entity is the internet service provider (ISP). The ISP 
deploys and manages one or more points of presence (POPs) 8 in its service area to 
which end users connect for network service. An ISP typically establishes a POP in 
each major local calling area in which the ISP expects to subscribe customers. The 
POP converts message traffic from the PSTN run by the telco into a digital form to . 
be carried over intranet backbone 10 owned by the ISP or leased from an intranet 
backbone provider like MCI, Inc. An ISP typically leases fractional or full Tl lines 
or fractional or full T3 lines from the telco for connectivity to the PSTN. The POPs 
and the ISP' medium data center 14 are connected together over the intranet backbone 
through router 12A. The data center houses the ISP's web servers, mail servers, 
accounting and registration servers, enabling the ISP to provide web content, e-mail 
and web hosting services to end users. Future value added services may be added by 
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deploying additional types of servers in the data center. The ISP also maintains 
router 12A to connect to public internet backbone 20. In the current model for 
remote access, end users have service relationships with their telco and their ISP and 
usually get separate bills from both. End users access the ISP, and through the ISP, 
public internet 20, by dialing the nearest POP and running a communication protocol 
known as the Internet Engineering Task Force (IETF) point-to-point protocol (PPP), 

The third business entity is the private corporation which owns and operates 
its own private intranet 18 through router 12B for business reasons. Corporate 
employees may access corporate network 18 (e.g., from home or while on the road) 
by making POTS/ISDN calls to corporate remote access server 16 and running the 
IETF PPP protocol. For corporate access, end users only pay for the cost of 
connecting to corporate remote access server 16. The ISP is not involved. The 
private corporation maintains router 12B to connect an end user to either corporate 
intranet 18 or public internet 20 or both. 

End users pay the telco for the cost of making phone calls and for the cost of 
a phone line into their home. End users also pay the ISP for accessing the ISP's 
network and services. The present invention will benefit wireless service providers 
like Sprint PCS, PrimeCo, etc. and benefit internet service providers like AOL, 
AT&T Worldnet, etc. 

Today, internet service providers offer internet access services, web content 
services, e-mail services, content hosting services and roaming to end users. Because 
of low margins and no scope of doing market segmentation based on features and 
price, ISPs are looking for value added services to improve margins. In the short 
term, equipment vendors will be able to offer solutions to ISPs to enable them to 
offer faster access, virtual private networking (which is the ability to use public 
networks securely as private networks and to connect to intranets), roaming 
consortiums, push technologies and quality of service. In the longer term, voice over 
internet and mobility will also be offered. ISPs will use these value added services 
to escape from the low margin straitjacket. Many of these value added services fall 
in the category of network services and can be offered only through the network 
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infrastructure equipment. Others fall in the category of application services which 
require support from the network infrastructure, while others do not require any 
support from the network infrastructure. Services like faster access, virtual private 
networking, roaming, mobility, voice, quality of service, quality of service based 
accounting all need enhanced network infrastructure. The system described here will 
be either directly provide these enhanced services or provide hooks so that these 
services can be added later as future enhancements. Wireless service providers will 
be able to capture a larger share of the revenue stream. The TSP will be able to offer 
more services and with better market segmentation. 

Summary Of The Invention 

The present invention provides end users with remote wireless access to the 
public internet, private intranets and internet service providers. Wireless access is 
provided through base stations in a home network and base stations in foreign 
networks with interchange agreements. 

It is an object of the present system to provide a wireless packet switched data 
network for end users that divides mobility management into local, micro, macro and 
global connection handover categories and minimizes handoff updates according to 
the handover category. It is another object to integrate MAC handoff messages with 
network handoff messages. It is a further object of the present system to separately 
direct registration functions to a registration server and direct routing functions to 
inter-working function units. It is yet another object to provide an intermediate 
XTunnel channel between a wireless hub (also called access hub AH) and an inter- 
working function unit (IWF unit) in a foreign network. It is yet another object to 
provide an IXTunnel channel between an inter-working function unit in a foreign 
network and an inter-working function unit in a home network. It is yet another 
object to enhance the layer two tunneling protocol (L2TP) to support a mobile end 
system. It is yet another object to perform network layer registration before the siart 
of a PPP communication session. 

According to one embodiment of the invention, a wireless data network which 
provides communications with a Pier to Pier Protocol server is disclosed. The 
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network includes a home network that includes a home mobile switching center, a 
wireless modem and one or more end system. The wireless modem and the end 
systems are connected together via an ethernet link. The network also includes a PPP 
server, wherein PPP information sent from PPP server for the end systems is 
encapsulated by the wireless modem in an ethernet frame and sent to the end systems 
via the ethernet link. 

Detailed Description Of Preferred Embodiments 

The present system provides computer users with remote access to the internet 
and to private intranets using virtual private network services over a high speed, 
packet switched, wireless data link. These users are able to access the public internet, 
private intranets and their internet service providers over a wireless link. The 
network supports roaming, that is, the ability to access the internet and private 
intranets using virtual private network services from anywhere that the services 
offered by the present system are available. The network also supports handoffs, that 
is, the ability to change the point of attachment of the user to the network without 
disturbing the PPP link between the PPP client and the PPP server. The network 
targets users running horizontal internet and intranet applications. These applications 
include electronic mail, file transfer, browser based WWW access and other business 
applications built around the internet. Because the network will be based on the IETF 
standards, it is possible to run streaming media protocols like RTP and conferencing 
protocols like H.323 over it. 

Other internet remote access technologies that are already deployed or are in 
various stages of deployment include: wire line dial-up access based on POTS and 
ISDN, XDSL access, wireless circuit switched access based on GSM/CDMA/TDMA, 
wireless packet switched access based on GSM/CDMA/TDMA, cable modems, and 
satellite based systems. However, the present system offers a low cost of 
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deployment, ease of maintenance, a broad feature set, scaleability, an ability to 
degrade gracefully under heavy load conditions and support for enhanced network 
services like virtual private networking, roaming, mobility and quality of service to 
the relative benefit of users and service providers. 

For wireless service providers who own personal communications system 
(PCS) spectrum, the present system will enable them to offer wireless packet switched 
data access services that can compete with services provided by the traditional wire 
line telcos who own and operate the PSTN. Wireless service providers may also 
decide to become internet service providers themselves, in which case, they will own 
and operate the whole network and provide end to end services to users. 

For internet service providers the present system will allow them to by-pass 
the telcos (provided they purchase or lease the spectrum) and offer direct end to end 
services to users, perhaps saving access charges to the telcos, which may increase in 
the future as the internet grows to become even bigger than it is now. 

The present systems flexible so that it can benefit wireless service providers 
who are not internet service providers and who just provide ISP, internet or private 
intranet access to end users. The system can also benefit service providers who 
provide wireless access and internet services to end users. The system can also 
benefit service providers who provide wireless access and internet services but also 
allow the wireless portion of the network to be used for access to other ISPs or to 
private intranets. 

In FIG. 2, end systems 32 (e.g., based on, for example, Win 95 personal 
computer) connect to wireless network 30 using external or internal modems. These 
modems allow end systems to send and receive medium access control (MAC) frames 
over air link 34. External modems attach to the PC via a wired or wireless link. 
External modems are fixed, and, for example, co-located with roof top mounted 
directional antennae. External modems may be connected to the user's PC using any 
one of following means: 802.3, universal serial bus, parallel port, infra-red, or even 
an ISM radio link. Internal modems are preferably PCMCrA cards for laptops and 
are plugged into the laptop's backplane. Using a small omni-directional antenna, they 
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send and receive MAC frames over the air Link. End systems can also be laptops with 
a directional antenna, a fixed wireless station in a home with a directional antenna 
connected via AC lines, and other alternatives. 

Wide-area wireless coverage is provided by base stations 36. The base station 
36 can employ a 5-channel reuse communication scheme as described in U.S. Patent 
Application Serial No. 08/998,505, filed on December 26, 1997. The range of 
coverage provided by base stations 36 depends on factors like link budget, capacity 
and coverage. Base stations are typically installed in cell sites by PCS (personal 
communication services) wireless service providers. Base stations multiplex end 
system traffic from their coverage area to the system's mobile switching center 
(MSC) 40 over wire line or microwave backhaul network 38. 

The system is independent of the MAC and PHY (physical) layer of the air 
link and the type of modem. The architecture is also independent of the physical 
layer and topology of backhaul network 38. The only requirements for the backhaul 
network are that it must be capable of routing internet protocol (IP) packets between 
base stations and the MSC with adequate performance. At Mobile Switching Center 
40 (MSC 40), packet data inter-working function (IWF) 52 terminates the wireless 
protocols for this network. IP router 42 connects MSC 40 to public internet 44, 
private intranets 46 or to internet service providers 46. Accounting and directory 
servers 48 in MSC 40 store accounting data and directory information. Element 
management server 50 manages the equipment which includes the base stations, the 
I WFs and accounting/directory servers. 

The accounting server will collect accounting data on behalf of users and send 
the data to the service provider's billing system. The interface supported by the 
accounting server will send accounting information in American Management 
Association (AMA) billing record format, or any other suitable billing format, over 
a TCP/IP (transport control protocol/internet protocol) transport to the billing system 
(which is not shown in the figure). 

The network infrastructure provides PPP (point-to-point protocol) service to 
end systems. The network provides (I) fixed wireless access with roaming (log-in 
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anywhere that the wireless coverage is available) to end systems and (2) low speed 
mobility and hand-offs. When an end system logs on to a network, in it may request 
either fixed service (i.e.. stationary and not requiring handoff services) or mobile 
service (i.e., needing handoff services). An end system that does not specify fixed 
or mobile is regarded as specifying mobile service. The actual registration of the end 
system is the result of a negotiation with a home registration server based on 
requested level of service, the level of services subscribed to by the user of the end 
system and the facilities available in the network. 

If the end system negotiates a fixed service registration (i.e., not requiring 
handoff services) and the end system is located in the home network, an IWF (inter- 
working function) is implemented in the base station to relay traffic between the end 
user and a communications server such as a PPP server (i.e. , the point with which to 
be connected, for example, an ISP PPP server or a corporate intranet PPP server or 
a PPP server operated by the wireless service provider to provide customers with 
direct access to the public internet). It is anticipated that perhaps 80% of the message 
traffic will be of this category, and thus, this architecture distributes IWF processing 
into the base stations and avoids message traffic congestion in a central mobile 
switching center. 

If the end system requests mobile service (from a home network or a foreign 
network) or if the end system request roaming service (i.e., service from the home 
network through a foreign network), two IWFs are established: a serving IWF 
typically established in the base station of the network to which the end system is 
attached (be it the home network or a foreign network) and a home IWF typically 
established in mobile switching center MSG of the home network. Since this situation 
is anticipated to involve only about 20% of the message traffic, the message traffic 
congestion around the mobile switching center is minimized. The serving IWF and 
the wireless hub may be co-located in the same nest of computers or may even be 
programmed in the same computer so that a tunnel using an XTunnel protocol need 
not be established between the wireless hub and the serving IWF. 
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However, based on available facilities and the type and quality of service 
requested, a serving IWF in a foreign network may alternatively be chosen from 
facilities in the foreign MSC. Generally, the home IWF becomes an anchor point that 
is not changed during the communications session, while the serving IWF may change 
if the end system moves sufficiently. 

The base station includes an access hub and at least one access point (be it 
remote or collocated with the access hub). Typically, the access hub serves multiple 
access points. While the end system may be attached to an access point by a wire or 
cable according to the teachings of this invention, in a preferred embodiment the end 
system is attached to the access point by a wireless "air link", in which case the 
access hub is conveniently referred to as a wireless hub. While the access hub is 
referred to as a "wireless hub" throughout the description herein, it will be 
appreciated that an end system coupled through an access point to an access hub by 
wire or cable is an equivalent implementation and is contemplated by the term "access 
hub". 

In the invention, an end system includes an end user registration agent (e.g., 
software running on a computer of the end system, its modem or both) that 
communicates with an access point, and through the access point to a wireless hub. 
The wireless hub includes a proxy registration agent (e.g., software running on a 
processor in the wireless hub) acting as a proxy for the end user registration agent. 
Similar concepts used in, for example, the IETF proposed Mobile IP standard are 
commonly referred to as a foreign agent (FA), For this reason, the proxy registration 
agent of the present system will be referred to as a foreign agent, and aspects of the 
foreign agent of the present system that differ from the foreign agent of Mobile IP are 
as described throughout this description, 

Using the proxy registration agent (i.e., foreign agent FA) in a base station, 
the user registration agent of an end system is able to discover a point of attachment 
to the network and register with a registration server in the MSC (mobile switching 
center) of the home network. The home registration server determines the availability 
of each of the plural inter-working function modules (IWFs) in the network (actually 
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software modules that run on processors in both the MSC and the wireless hubs) and 
assigns IWF(s) to the registered end system. For each registered end system, a tunnel 
(using the XTunnel protocol) is created between the wireless hub in the base station 
and an inter-working function (IWF) in the mobile switching center (MSC), this 
tunnel transporting PPP frames between the end system and the IWF. 

As used herein, the XTunnei protocol is a protocol that provides in-sequence 
transport of PPP data frames with flow control. This protocol may run over standard 
IP networks or over point-to-point networks or over switched networks like ATM 
data networks or frame relay data networks. Such networks may be based on T I or 
T3 links or based on radio links, whether land based or space based. The XTunnei 
protocol may be built by adapting algorithms from L2TP (level 2 transport protocol). 
In networks based on links where lost data packets may be encountered, a re- 
transmission feature may be a desirable option. 

The end system's PPP peer (i.e., a communications server) may reside in the 
IWF or in a corporate intranet or ISP's network. When the PPP peer resides in the 
IWF, an end system is provided with direct internet access. When the PPP peer 
resides in an intranet or ISP, an end system is provided with intranet access or access 
to an ISP . In order to support intranet or ISP access, the IWF uses the layer two 
tunneling protocol (L2TP) to connect to the intranet or ISP's PPP server. From the 
point of view of the intranet or ISP's PPP server, the IWF looks like a network 
access server (NAS). PPP traffic between the end system and the IWF is relayed by 
the foreign agent in the base station. 

In the reverse (up link) direction, PPP frames traveling from the end system 
to the IWF are sent over the MAC and air link to the base station, The base station 
relays these frames to the IWF in the MSC using the XTunnei protocol. The IWF 
delivers them to a PPP server for processing. For internet access, the PPP server 
may be in the same machine as the IWF. For ISP or intranet access, the PPP server 
is in a private network and the IWF uses the layer two tunneling protocol (L2TP) to 
connect to it. 
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In the forward (down link) direction, PPP frames from the PPP server are 
relayed by the IWF to the base station using the XTunnel protocol. The base station 
de-tunnels down link frames and relays them over the air link to the end system, 
where they are processed by the end system's PPP layer. 

To support mobility, support for hand-offs are included. The MAC layer 
assists the mobility management software in the base station and the end system to 
perform hand-offe efficiently. Hand-offs are handled transparently from the peer PPP 
entities and the L2TP tunnel. If an end system moves from one base station to 
another, a new XTunnel is created between the new base station and the original IWF. 
The old XTunnel from the old base station will be deleted. PPP frames will 
transparently traverse the new path. 

The network supports roaming (i.e., when the end user connects to its home 
wireless service provider through a foreign wireless service provider). Using this 
feature, end systems are able to roam away from the home network to a foreign 
network and still get service, provided of course that the foreign wireless service 
provider and the end system's home wireless service provider have a service 
agreement. 

In FIG. 3, roaming end system 60 has traveled to a location at which foreign 
wireless service provider 62 provides coverage. However, roaming end system 60 
has a subscriber relationship with home wireless service provider 70. In the present 
invention, home wireless service provider 70 has a contractual relationship with 
foreign wireless service provider 62 to provide access services. Therefore, roaming 
end system 60 connects to base station 64 of foreign wireless service provider 62 over 
the air link. Then, data is relayed from roaming end system 60 through base station 
64, through serving IWF 66 of foreign wireless service provider 62, to home IWF 
72 of home wireless service provider 70, or possibly through home IWF 72 of home 
wireless service provider 70 to internet service provider 74. 

An inter-service provider interface, called the I-interface, is used for 
communications across wireless service provider (WSP) boundaries to support 
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roaming. This interface is used for authenticating, registering and for transporting 
the end system's PPP frames between the foreign WSP and the home WSP. 

PPP frames in the up link and the down link directions travel through the end 
system's home wireless service provider (WSP). Alternatively, PPP frames directly 
transit from the foreign WSP to the destination network. The base station in the 
foreign WSP is the end system's point of attachment in the foreign network. This base 
station sends (and receives) PPP frames to (and from) a serving rWF in the foreign 
WSP's mobile switching center. The serving IWF connects over the I-interface to the 
home IWF using a layer two tunnel to transport the end system's PPP frames in both 
directions. The serving IWF in the foreign WSP collects accounting data for 
auditing. The home IWF in the home WSP collects accounting data for billing. 

The serving [WF in the foreign WSP may be combined with the base station 
in the same system, thus eliminating the need for the X-Tunnel. 

During the registration phase, a registration server in the foreign WSP 
determines the identity of the roaming end system's home network. Using this 
information, the foreign registration server communicates with the home registration 
server to authenticate and register the end system. These registration messages flow 
over the I-interface. Once the end system has been authenticated and registered, a 
layer two tunnel is created between the base station and the serving rWF using the 
XTUNNEL protocol and another layer two tunnel is created between the serving IWF 
and the home IWF over the I-interface. The home IWF connects to the end system's 
PPP peer as before, using L2TP (level 2 tunnel protocol). During hand-offs, the 
location of the home IWF and the L2TP tunnel remains fixed. As the end system 
moves from one base station to another base station, a new tunnel is created between 
the new base station and the serving IWF and the old tunnel between the old base 
station and the serving IWF is deleted. If the end system moves far enough, so that 
a new serving IWF is needed, a new tunnel will be created between the new serving 
IWF and the home IWF. The old runnel between the old serving and the home will 
be deleted. 
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To support roaming, the I-interface supports authentication, registration and 
data transport services across wireless service provider boundaries. Authentication 
and registration services are supported using the IETF Radius protocol. Data 
transport services to transfer PPP frames over a layer two tunnel are supported using 
the I-XTunnel protocol. This protocol is based on the IETF L2TP protocol. 

As used in this description, the term home IWF refers to the IWF in the end 
system's home network. The term serving IWF refers to the IWF in the foreign 
network which is temporarily providing service to the end system. Similarly, the 
term home registration server refers to the registration server in the end system's 
home network and the term foreign registration server refers to the registration server 
in the foreign network through which the end system registers while it is roaming. 

The network supports both fixed and dynamic IP address assignment for end 
systems. There are two types of IP addresses that need to be considered. The first 
is the identity of the end system in its home network. This may be a structured user 
name in the format user@domain. This is different from the home IP address used 
in mobile IP. The second address is the IP address assigned to the end system via the 
PPP IPCP address negotiation process. The domain sub-field of the home address is 
used to identify the user's home domain and is a fully qualified domain name. The 
user sub-field of the home address is used to identify the user in the home domain. 
The User -Name is stored on the end system and in the subscriber data-base at the 
MSC and is assigned to the user when he or she subscribes to the service. The 
domain sub-field of the User -Name is used during roaming to identify roaming 
relationships and the home registration server for purposes of registration and 
authentication. Instead of the structured user name another unique identifier may be 
used to identify the user's home network and ihe user's identity in the home network. 
This identifier is sent in the registration request by the end system 

The PPP IPCP is used to negotiate the IP address for the end system. Using 
IP configuration protocol IPCP, the end system is able to negotiate a fixed or 
dynamic IP address. 
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Although the use of the structured user-name field and the non-use of an IP 
address as the home address is a feature that characterizes the present system over a 
known mobile IP, the network may be enhanced to also support end systems that have 
no user-name and only a non-null home address, if mobile IP and its use in 
conjunction with PPP end systems becomes popular. The PPP server may be 
configured by the service provider to assign IP addresses during the IPCP address 
assignment phase that are the same as the end system's home IP address. In this case, 
the home address and the IPCP assigned IP address will be identical. 

In FIG. 4, base station 64 and air links from end systems form wireless sub- 
network 80 that includes the air links for end user access, at least one base station 
(e.g., station 64) and at least one backhaul network (e.g., 38 of FIG. 2) from the base 
station to MSC 40 (FIG.2). The wireless sub-network architecture of, for example, 
a 3-sectored base station includes the following logical functions. 

1. Access point function. Access points 82 perform MAC layer bridging 
and MAC layer association and dissociation procedures. An access 
point includes a processor (preferably in the form of custom 
application specific integrated circuit ASIC), a link to a wireless hub 
(preferably in the form of an Ethernet link on a card or built into the 
ASIC), a link to an antenna (preferably in the form of a card with a 
data modulator/demodulator and a transmitter/receiver), and the 
antenna to which the end system is coupled. The processor runs 
software to perform a data bridging function and various other 
functions in support of registration and mobility handovers as further 
described herein. See discussion with respect to FIGS. 7, 8 and 1 1. 

Access points (APs) take MAC layer frames from the air [ink 
and relay them to a wireless hub and vice versa. The MAC layer 
association and disassociation procedures are used by APs to maintain 
a list of end system MAC addresses in their MAC address filter table. 
An AP will only perform MAC layer bridging on behalf of end 
systems whose MAC addresses are present in the table. An access 
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point and its associated wireless hub are typically co-located. In its 
simplest form, an access point is just a port into a wireless hub. When 
the APs and the wireless hub are co-located in the same cell site, they 
may be connected together via a IEEE 802.3 link. Sometimes, access 
points are located remotely from the wireless hub and connected via 
a long distance link like a wired Tl trunk or even a wireless trunk. 
For multi-sector cells, multiple access points (i.e., one per sector) are 
used. 

2. Wireless hub function. Wireless hub 84 performs the foreign agent 
(FA) procedures, backhaul load balancing (e.g., over multiple TVs), 
backhaul network interfacing, and the xtwvnzl procedures. When 
support for quality of service (QOS) is present, the wireless hub 
implements the support for QOS by running the xtunnel protocol over 
backhauls with different QOS attributes. In a multi-sector cell site, a 
single wireless hub function is typically shared by multiple access 
points. 

A wireless hub includes a processor, a link to one or more 
access points (preferably in the form of an Ethernet link on a card or 
built into an ASIC), and a link to a backhaul line. The backhaul line 
is typically a Tl or T3 communications line that terminates in the 
mobile switching center of the wireless service provider. The link to 
the backhaul line formats data into a preferred format, for example, 
an Ethernet format, a frame relay format or an ATM format. The 
wireless hub processor runs software to support data bridging and 
various other functions as described herein. See discussion with 
respect to FIGS. 9, 10 and 11. 

The base station design supports the following types of cell architectures. 

I. Local AP architecture. In a local AP architecture, access points have 
a large (> = 2km, typically) range. They are co-located in the cell 
site with the wireless hub (FIG. 4). Access points may be connected 
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to the wireless hub using an IEEE 802.3 network or may be directly 
plugged into the wireless hub's backplane or connected to the wireless 
hub using some other mechanism (e.g. universal serial bus, printer 
port, infra-red, etc.). It will be assumed that the first alternative is 
used for die rest of this discussion. The cell site may be omni or 
sectored by adding multiple access points and sectored antennas to a 
wireless hub, 

2. Remote AP architecture. In a remote AP architecture, access points 
usually have a very small range, typically around 1 km radius. They 
are located remotely (either indoors or outdoors) from the wireless 
hub. A Tl or a wireless trunk preferably links remote access points 
to the cell site where the wireless hub is located. From the cell site, 
a wire line backhaul or a microwave link is typically used to connect 
to the IWF in the MSC. If wireless trunking between the remote AP 
and the wireless hub is used, omni or sectored wireless radios for 
trunking are utilized. The devices for trunking to remote access points 
are preferably co-located with the wireless hub and may be connected 
to it using an IEEE 8023 network or may be directly plugged into the 
wireless hub's backplane. These devices will be referred to by the 
term trunk AP. 

3. Mixed AP architecture. In a mixed architecture, the wireless sub- 
network will have to support remote and local access points. Remote 
access points may be added for hole filling and other capacity reasons. 
As described earlier, Tl or wireless trunks may be used to connect 
the remote AP to the wireless hub. 

FIG. 5 shows a cell with three sectors using local APs only. The access 
points and the wireless hub are co-located in the base station and are connected to 
each other with 802.3 links. 



JFIG, 6 shows an architecture with remote access points 82 connected to 
wireless hub 84 using wireless trunks 86. Each trunk access point in the base station 
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provides a point to multi-point wireless radio link to the remote micro access points 
(R-AP in figure). The remote access points provide air link service to end systems. 
The wireless hub and the trunk access points are co-located in the base station and 
connected together via 802.3 links. This figure also shows remote access points 82R 
connected to the wireless hub via point to point Tl links. In this scenario, no trunk 
APs are required. 

To support all of the above cell architectures and the different types of access 
points that each cell might use, the network architecture follows the following rules: 

1. Access points function as MAC layer bridges. Remote access points 
perform MAC bridging between the air link to the end systems and the 
wireless or Tl trunk to the cell site. Local access points perform 
MAC bridging between the air link to the end systems and the wireless 
hub. 

2. Trunk access points also function as MAC layer bridges. They perform 
MAC bridging between the trunk (which goes to the access points) and 
the wireless hub. 

3. The wireless hub is connected to all co-located MAC bridges (i.e. local 
access points or trunk access points) using a 802.3 link initially. 

Additionally, where local access points or remote access points with Tl 
trunks are used, the following rules are followed. 

1. Local access points are co-located with the wireless hub and 
connected to it using point to point 802.3 links or a shared 802.3 
network. Remote access points are connected to the wireless hub 
using point to point Tl trunks. 

2. Sectorization is supported by adding access points with sectored 
antennas to the cell site. 

3. For each access point connected to the wireless hub, there is a 
foreign agent executing in the wireless hub which participates in end 
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system registration. MAC layer association procedures are used to 
keep the MAC address filter tables of the access points up to date 
and to perform MAC layer bridging efficiently. The wireless hub 
participates in MAC association functions so that only valid MAC 
addresses are added to the MAC address filter tables of the access 
points. 

4. The foreign agent in the wireless hub relays frames from the access 
points to the MSC IWF and vice versa using the xtunnel protocol. 
The MAC address filter table is used to Filter out those unicast 
MAC data frames whose MAC addresses are not present in the 
table. The APs always forward MAC broadcast frames and MAC 
frames associated with end system registration functions regardless 
of the contents of the MAC address filter table. 

5. Local access points use ARP to resolve MAC addresses for routing 
IP traffic to the wireless hub. Conversely, the wireless hub also 
uses ARP to route IP packets to access points. HDP/IP is used for 
network management of access points. 

6. Remote access points connected via Tl do not use ARP since the 
link will be a point to point link. 

7. Support for hand-offs is done with assistance from the MAC layer. 

In a cell architecture using wireless trunks and trunk APs, the following 
rules are followed. 

1 . Trunk access points are co-located with the wireless hub and 

connected to it using point to point 802.3 links or other suitable 
means. 



2. Wireless trunk sectorization is supported by adding trunk access 
points with sectored antennas to the cell site. 
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3. Hand-offs across backhaul sectors are done using the foreign agent 
in the wireless hub. For each backhaul sector, there is a foreign 
agent executing in the wireless hub. 

4. The trunk APs do not need to participate in MAC layer end system 
association and hand off procedures. Their MAC address filter 
tables will be dynamically programmed by the wireless hub as end 
systems register with the network. The MAC address filter table is 
used to filter out unicast MAC frames. Broadcast MAC frames or 
MAC frames containing registration packets are allowed to always 
pass through. 

5. Trunk APs use ARP to resolve MAC addresses for routing IP 
traffic to the wireless hub. Conversely, the wireless hub use ARP 
to route IP packets to trunk APs. UDP/IP is used for network 
management of trunk APs. 

6. In a single wireless trunk sector, MAC association and hand-offs 
from one access point to another is done using the MAC layer with 
the assistance of the foreign agent in the wireless hub. Using these 
MAC layer procedures, end systems associate with access points. 
As end systems move from one access point to another access point, 
the access points will use a MAC hand off protocol to update their 
MAC address filter tables. The wireless hub at the cell site 
provides assistance to access points to perform this function. This 
assistance includes relaying MAC layer hand off messages (since 
access points will not be able to communicate directly over the 
MAC layer with each other) and authenticating the end system for 
MAC layer registration and hand off and for updating the MAC 
address filter tables of the access points. 

7. The foreign agent for a wireless trunk sector is responsible for 
relaying frames from its trunk AP to the MSC and vice versa using 
thextunnel protocol. Thus, the foreign agent for a trunk AP does 
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not care about the location of the end system with respect to access 
points within that wireless trunk sector. In the down link direction, 
it just forwards frames from the tunnel to the appropriate trunk AP 
which uses MAC layer bridging to send the frames to ail the remote 
access points attached in that backhaul sector. The access points 
consult their MAC address filter tables and either forward the MAC 
frames over the access network or drop the MAC frames. As 
described above, the MAC address filter tables are kept up to date 
using MAC layer association and hand off procedures. In the up 
link direction, MAC frames are forwarded by the access points to 
the backhaul bridge which forwards them to the foreign agent in the 
wireless hub using the 802.3 link. 

8. ARP is not be used for sending or receiving IP packets to the 
remote access points. The access points determines the MAC 
address of the wireless hub using BOOTP procedures. Conversely, 
the wireless hub is configured with the MAC address of remote 
access points. UDP/IP is used for network management of access 
points and for end system association and hand off messages. 

IEEE Standard 802.3 links in the cell site may be replaced by other speed 

links. 

FIG. 7 shows the protocol stack for a local access point. At the base of the 
stack is physical layer PHY. Physical layer PHY carries data to and from an end 
system over the air using radio waves as an example. When received from an end 
system, the AP receives data from the physical layer and unpacks it from the 
MAC frames (the MAC layer). The end system data frames are then repacked 
into an Ethernet physical layer format {IEEE 802.3 format) where it is send via the 
Ethernet link to the wireless hub. When the AP's processor receives data from the 
wireless hub via its Ethernet link {i.e., the physical layer), the data to be 
transmitted to an end system, the AP packs the data in a medium access control 
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(MAC) format, and sends the MAC layer data to its modulator to be transmitted to 
the end system using the PHY layer. 

In FIG. 8, the MAC and PHY layers to/from the end system of FIG. 7 are 
replaced by a MAC and PHY for the trunk to the cell site for a remote access 
point. Specifically, for a Tl trunk, the high level data link control protocol 
(HDLC protocol) is preferably used over the Tl. 

FIG. 9 depicts the protocol stack for the wireless hub that bridges the 
backhaul line and the trunk to the remote access point. The trunk to the remote 
APs are only required to support remote access points (as distinct from Ethernet 
coupled access points). The MAC and PHY layers for the wireless trunk to the 
remote APs provide a point to multipoint link so that one trunk may be used to 
communicate with many remote APs in the same sector. 

The wireless hub bridges the trunk to the remote APs and the backhaul line 
(e.g., Tl or T3) to the network's mobile switching center (MSC). The protocol 
stack in the wireless hub implements MAC and PHY layers to the MSC on top of 
which is implemented an IP (Internet Protocol) layer on top of which is 
implemented a UDP layer (Universal Datagram Protocal, in combination referred 
to as UDP/IP) for network management on top of which is implemented an 
XTunnel protocol. The XTunnel protocol is a new format that includes aspects of 
mobility (e.g. as in mobile IP) and aspects of the Level 2 Tunnel Protocol (L2TP). 
The XTunnel protocol is used to communicate from the wireless hub to the MSC 
and between inter-working functions (I WFs) in different networks or the same 
network. 

In FIG. 10, the protocol stack for the relay function in the base station for 
supporting remote access points is shown. The relay function includes an interface 
to the backhaul line (depicted as the wireless hub) and an interface to the remote 
AP (depicted as a trunk AP). From the point of view of the wireless hub, the 
trunk AP (depicted in FIGS. 7 and 10) actually behaves like the AP depicted in 
FIG. 7, Preferably, the base station protocol stacks are split up into a wireless 



332D0004 3lffl#'J • 



(74) 1 - 2 5 2 1 8 3 

hub and a trunk AP with an Ethernet in between. In an N-sector wireless trunk, 
there are N wireless trunk APs in the cell site and one wireless hub. 

In FIG. 1 1, the base station protocol stack for a cell architecture using a 
local AP is shown. The relay function includes an interface to the backhaul Line 
(depicted as the wireless hub) and an air link interface to the end system (depicted 
as an AP). From die point of view of die wireless hub, the AP (depicted in FIGS. 
8 and 1 1) actually behaves like the trunk AP depicted in FIG. 8. Preferably, the 
base station protocol stacks are split up into a wireless hub and a trunk AP with an 
Ethernet in between. In a N-sector cell, there are N access points and a single 
wireless hub. 

The backhaul network from the base station to the MSC has the following 
attributes. 

1. The network is capable of routing IP datagrams between the base 
station and the MSC. 

2. The network is secure. It is not a public internet. Traffic from 
trusted nodes only are allowed onto the network since the network 
will be used for not only transporting end system traffic, but also 
for transporting authentication, accounting, registration and 
management traffic. 

3. The network has the necessary performance characteristics. 

In typical application, the service provider is responsible for installing and 
maintaining the backhaul network on which the equipment is installed. 

The base stations supports the following backhaul interfaces tor 
communicating with the MSC. 

i. Base stations support IP over PPP with HDLC links using point to 
point Tl or fractional T3 links. 
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2. Base stations support IP over frame relay using Tl or fractional T3 
links. 

3. Base stations support IP over AAL5/ATM using Tl or fractional T3 
links. 

4. Base stations support IP over Ethernet links. 

Since all of the above interfaces are based on IETF standard 
encapsulations, commercial routers may be used in the MSG to terminate the 
physical links of the backhaul network. Higher layers are passed on and processed 
by the various servers and other processors. 

End system registration procedures above the MAC layer are supported- In 
the following, end system registration procedures at the MAC layer are ignored 
except where they impact the layers above. 

End systems may register for service on their home network or from a 
foreign network. In both scenarios, the end system uses a foreign agent (FA) in 
the base station to discover a point of attachment to the network and to register. 
In the former case, the FA is in the end system's home network. In the latter 
case, the FA is in a foreign network. In either case, the network uses an IWF in 
the end system's home network as an anchor point (i.e., unchanging throughout 
the session in spite of mobility). PPP frames to and from the end system travel 
via the FA in the base station to the IWF in the home network. If the end system 
is at home, the home IWF is directly connected by means of the xtunnet protocol 
to the base station. Note that the home IWF may be combined with the base 
station in the same node. If the end system is roaming, a serving IWF in the 
foreign network is connected to the home IWF over an I-interface. The serving 
IWF relays frames between the base station and the home IWF. Note that the 
home IWF may be combined with the base station in the same node. From the 
home IWF, data is sent to a PPP server which may reside in the same IWF or to a 
separate server using the L2TP protocol. The separate server may be owned and 
operated by a private network operator (e.g. ISP or corporate intranet) who is 
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different from the wireless service provider. For the duration of the session, the 
location of the home IWF and die PPP server remains fixed. If the end system 
moves while connected, it will have to re-register with a new foreign agent. 
However, the same home IWF and PPP server continues to be used. A new 
xtunnei is created between the new FA and the r\VF and the old xtunnel between 
the old foreign agent and the IWF is destroyed. 

FIG. 12 shows this network configuration for two end systems A and B, 
both of whose home wireless network is wireless service provider A (WSP-A). 
One end system is registered from the home wireless network and the other from a 
foreign wireless network. The home IWF in WSP-A serves as the anchor point 
for both end systems. For both end systems, data is relayed to the home IWF. 
The home IWF connects to an internet service provider's PPP server owned by 
ISP-A. Here it is assumed that both end systems have subscribed to the same ISP. 
If that were not the case, then the home IWF would be shown also connected to 
another ISP. 

Within a wireless service providers network, data between base stations and 
the IWF is carried using the xtunnel protocol. Data between the IWF and the PPP 
server is carried using Level 2 Tunneling Protocol (L2TP). Data between the 
serving IWF and the home IWF is carried using the I-xtunnel protocol. 

In a simple scenerio, for a user in their home network requiring fixed 
service, the home IWF function may be dynamically activated in the base station. 
Also, the serving IWF function may be activated for a roaming user in the base 
station. 

Always using an IWF in the home network has its advantages and 
disadvantages. An obvious advantage is simplicity. A disadvantage is that of 
always having to relay data to and from a possibly remote home IWF. The 
alternative is to send all the necessary information to the serving IWF so that it 
may connect to the end system's ISP/intranet and for the serving IWF to send 
accounting information in near real time back to the accounting server in the home 
network. This functionality is more complex to implement, but more efficient 
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because it reduces the need to relay data over potentially long distances from the 
foreign network to the home network. 

For example, consider a case of a user who roams from Chicago to Hong 
Kong. If the user's home network is in Chicago and the user registers using a 
wireless service provider in Hong Kong, then in the first configuration, the anchor 
point will be the home IWF in Chicago and ail data will have to be relayed from 
Hong Kong to Chicago and vice versa. The home IWF in Chicago will connect to 
the user's ISP in Chicago. With the second configuration, the end system user 
will be assigned an ISP in Hong Kong. Thus, data will not always have to be 
relayed back and forth between Chicago and Hong Kong. In the second 
configuration, the serving IWF will serve as the anchor and never change for the 
duration of the session even if the end system moves. However, the location of 
the FA may change as a result of end system movement in Hong Kong. " 

FIG. 13 shows the second network configuration. In this figure, die home 
network for end system A and B is WSP-A. End system A registers from its 
home network, using its home IWF as an anchor point, and also connects to its 
ISP-A using the ISPs PPP server. End system B registers from the foreign 
network of WSP-B and uses a serving IWF which serves as the anchor point and 
connects the end system to an ISP using the ISP's PPP server. In this 
configuration, data for end system B does not have to be relayed from the foreign 
network to the home network and vice versa. 

In order for this configuration to work, not only must there be roaming 
agreements between the home and the foreign wireless service providers , but there 
also must be agreements between the foreign wireless service provider and the end 
system's internet service provider directly or through an intermediary. In the 
example above, not only must the wireless service provider in Hong Kong have a 
business agreement with the wireless service provider in Chicago, but the WSP in 
Hong Kong must have a business agreement with the user's Chicago ISP and 
access to the Chicago ISPs PPP server in Hong Kong or a business agreement with 
another TSP locally in Hong Kong who has a business agreement for roaming with 
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the user 1 Chicago ISP. Additionally, the WSP in Hong Kong must be able to 
discover these roaming relationships dynamically in order to do user authentication 
and accounting and to set up the appropriate tunnels. 

It is difficult for those companies who are in the Internet infrastructure 
business to work out suitable standards in the IETF for all of these scenarios. 
Thus, a preferable embodiment for the present systems to implement the simpler, 
potentially less efficient configuration, where the IWF in the home network is 
always used as the anchor point. However, in the presence of suitable industry 
standardization of protocols for Internet roaming, the second configuration should 
be regarded as equivalent or alternative embodiment. 

An end system will have to register with the wireless network before it can 
start PPP and send and receive data. The end system first goes through the FA 
discovery and registration phases. These phases authenticate and register the end 
system to the wireless service provider. Once these phases are over, the end 
system starts PPP. This includes the PPP link establishment phase, the PPP 
authentication phase and the PPP network control protocol phase. Once these 
phases are over, the end system is able to send and receive IP packets using PPP. 

The following discussion assumes that the end system is roaming and 
registering from a foreign network. During the FA discovery phase, the end 
system (through its user registration agent) waits for or solicits an advertisement 
from the foreign agent. The user registration agent uses advertisement messages 
sent by a near by foreign agent to discover the identity of the FA and to register. 
During this phase, the user registration agent of the end system selects a FA and 
issues a registration request to it. The FA acting as a proxy registration agent 
forwards the registration request to its registration server (the registration server in 
the foreign WSP). The registration server uses User-Name from the user 
registration agent's request to determine the end system's home network, and 
forwards the registration request for authentication to a registration server in the 
home network. Upon receiving the registration request relayed by the foreign 
registration server, die home registration server authenticates the identity of the 
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foreign registration server and also authenticates the identity of the end system. If 
authentication and registration succeeds, the home registration server selects an 
fWF in the home network to create an l-xtunnel link between the home IWF and 
the serving IWF (in the foreign WSP). The IWF in the home network serves as 
the anchor point for the duration of the PPP session. 

Once the authentication and registration phases are over, the various PPP 
phases will be started. At the start of PPP, an L2TP connection is created 
between the home IWF and requested ISP/intranet PPP server. In the PPP 
authentication phase, PPP passwords using Password Authentication Protocol 
(PAP) or Challenge Authentication Protocol CHAP are exchanged and the ISP or 
intranet PPP server independently authenticates the identity of the end system. 

Once this succeeds, the PPP network control phase is started. In this 
phase, an IP address is negotiated and assigned to the end system by the PPP 
server and the use of TCP/IP header compression is also negotiated. When this is 
complete, the end system is able to send and receive IP packets using PPP to its 
ISP or a corporate intranet. 

Note that two levels of authentication are performed. The first 
authentication authenticates die identity of the end system to the registration server 
in the home network and the identities of the foreign network and the home 
network to each other. To perform this function, the foreign agent forwards the 
end system's registration request using, for example, an IETF Radius protocol to a 
registration server in its local MSC in a Radius Access-Request packet. Using the 
end system's domain name, the foreign registration server determines the identity 
of the end system's home network and home registration server, and acting as a 
Radius proxy, encapsulates and forwards the request to the end system's home 
registration server. If the foreign registration server cannot determine the identity 
of the end system's home, it may optionally forward the Radius request to a 
registration server that acts like a broker (e.g. one that is owned by a consortium 
of wireless service providers), which can in turn proxy the Radius Access-Request 
to the final home registration server. If the local registration server is unable to 
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service the registration request locally or by proxying, then it rejects the foreign 
agent's registration request and the foreign agent rejects the end system's 
registration request. Upon receiving the Radius Access- Request, the home 
registration server perforins die necessary authentication of the identities of the 
foreign network and the end system. If authentication and registration succeeds, 
the home registration server responds with a Radius Access-Response packet to the 
foreign registration server which sends a response to the foreign agent so that a 
round trip can be completed. The registration request is rejected if the home 
registration server is unable to comply for any reason. 

The second level of authentication verifies the identity of the end system to 
the intranet or ISP PPP server, PPP authentication, separate from mobility 
authentication allows the infrastructure equipment to be deployed and owned 
separately from the ISP. 

FIG. 14 is a ladder diagram showing the registration sequence for a 
roaming end system. It is assumed that the PPP server and the home IWF are in 
the same server and L2TP is not required. Note the interactions with accounting 
servers to start accounting on behalf of the registering end system and also 
directory servers to determine the identity of the home registration server and to 
authenticate the end system's identity. More information on accounting, billing, 
roaming (between service providers) and settlement will be provided below. 

MAC layer messages from the user registration agent of the end system 
may be used to initiate Agent Solicitation. The MAC layer messages are not 
shown for clarity. 

In FIG. 14, the end system (mobile) initially solicits an advertisement and 
the foreign agent replies with an advertisement that provides the end system with 
information about the network to which the foreign agent belongs including a care- 
of-address of the foreign agent. Alternatively, this phase may be removed and all 
network advertisements may be done by a continuously emitted MAC layer beacon 
message^ In this case, the network is assumed to be a foreign wireless service 
provider. Then, a user registration agent (in the end system) incorporates the 
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information about the foreign agent (including the user name and other security 
credentials) and its network into a request and sends the request to the foreign 
agent. The foreign agent, as a proxy registration agent, relays the request to the 
foreign registration server (i.e., the registration server for the foreign wireless 
service provider. Then, the foreign registration server, recognizing that it is not 
the home directory, accesses the foreign directory server with the FDD in the 
foreign wireless service provider to learn how to direct the registration request to 
the home registration server of the wireless service provider to which the end 
system belongs. The foreign registration server responds with the necessary 
forwarding information. Then, the foreign registration server encapsulates the end 
system's registration request in a Radius access request and relays the encapsulated 
request to the home registration server of the wireless service provider to which 
the end system belongs. The home registration server accesses the home directory 
server with the HDD of the home registration server to learn at least authentication 
information about the foreign service provider. Optionally, the home registration 
server accesses the subscriber's directory to learn detail subscriber service profile 
information (e.g., quality of service options subscribed to, etc.). When all parties 
are authenticated, the home registration server sends a start IWF request to the 
home IWF and PPP server. The home IWF and PPP server starts the home 
accounting server and then sends a start IWF response to the home registration 
server. The home registration server then sends a Radius access response to the 
foreign registration server. The foreign registration server then sends a start IWF 
request to the serving IWF server. The serving IWF server starts the serving 
accounting server and then sends a start IWF response to the foreign registration 
server. The foreign registration server sends a registration reply to the foreign 
agent, and the foreign agent relays the registration reply to the end system, 

A link control protocol (LCP) configuration request is send by the end 
system through the foreign registration server to the home JWF and PPP server. 
The home IWF and PPP server sends an LCP configuration acknowledgment 
through the foreign registration server to the end system. 
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Similarly, a password authentication protocol (PAP) authentication request 
is sent to and acknowledged by the home rWF and PPP server. Alternatively, a 
challenge authentication protocol (CHAP) may be used to authenticate. Both 
protocols may be used to authenticate or this phase may be skipped. 

Similarly, an IP configuration protocol (IPCP) configure request is sent to 
and acknowledged by the home IWF and PPP server. 

The connection to the end system may be terminated because of any one of 
the following reasons. 

1. User initiated termination. Under this scenario, the end system first 
terminates the PPP gracefully. This includes terminating the PPP 
network control protocol (IPCP) followed by terminating the PPP 
link protocol. Once this is done, the end system de-registers from 
the network followed by termination of fee radio link to the access 
point. 

2. Loss of wireless link. This scenario is detected by the modem and 
reported to the modem driver in the end system. The upper layers 
of the software are notified to terminate the stacks and notify the 
user. 

3. Loss of connection to the foreign agent. This scenario is detected 
by the mobility driver in the end system. After trying to re- 
establish contact with a (potentially new) foreign agent and failing, 
the driver sends an appropriate notification up the protocol stack 
and also signals the modem hardware below to terminate the 
wireless link. 

4. Loss of connection to the IWF. This is substantially the same as for 
loss of connection to the foreign agent. 

5 . Termination of PPP by [WF or PPP server. This scenario is 
detected by the PPP software in the end system. The end system's 
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PPP driver is notified of this event. It initiates de-registration from 
the network followed by termination of the wireless link to the 
access point. 

End system service configuration refers to the concept of configuring the 
network service for an end system based on die subscriber's service profile. The 
subscriber's service profile is stored in a subscriber directory. The service profile 
contains information to enable the software to customize wireless data service on 
behalf of the subscriber. This includes information to authenticate the end system, 
allow the end system to roam and set up connections to the end system's internet 
service provider. Preferably, this information also includes other parameters, like, 
quality of service. In addition to the subscriber directory, a home domain 
directory (HDD) and a foreign domain directory (FDD) are used for roaming and 
for authenticating the foreign and home registration servers to each other. The 
HDD stores information about the end system's home network and the FDD stores 
information about foreign networks that a subscriber may visit. 

FIG. 15 shows how these directories map into the network architecture and 
are used during registration for an end system that is registering at home. In step 
0 the end system (mobile) solicits and receives an advertisement from the foreign 
agent to provides the end system with information about the network to which the 
foreign agent belongs. In this case, the network is the home wireless service 
provider. In step 1, user registration agent (in the end system) incorporates the 
information about the foreign agent and its network and its security credentials into 
a request and sends the request to the foreign agent. In step 2, the foreign agent, 
as a proxy registration agent, relays the request to the home registration server. In 
step 3, the home registration server accesses the HDD of the home wireless 
service provider to learn at least authentication information. In step 4, the home 
registration server accesses the subscriber directory to learn detail subscriber 
service profile information (e.g., quality of service options subscribed to, etc.). In 
step 5, the home registration server notifies the foreign agent of the access 
response. In steps 6 and 7, die foreign agent notifies the end system (i.e., mobile) 
of the registration reply. 
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FIG. 16 shows directory usage for an end system that is registering from a 
foreign network. In step 0 die end system (mobile) solicits and receives an 
advertisement and the foreign agent advertises which provides the end system with 
information about the network to which the foreign agent belongs. In this case, 
the network is a foreign wireless service provider. In step 1 , user registration 
agent (in the end system) incorporates the information about the foreign agent and 
its network and its security credential into a request and sends the request to the 
foreign agent. In step 2* the foreign agent, as a proxy registration agent, relays 
the request to the foreign registration server (i.e., the registration server for the 
foreign wireless service provider. In step 3, the foreign registration server 
accesses the HDD of foreign wireless service provider to learn the network to 
which the end system belongs. In step 4, the foreign registration server forwards 
the end system's request to the home registration server of the end system's home 
wireless service provider. In step 5 y the home registration server accesses the 
FDD of the home registration server to learn at least authentication information 
about the foreign service provider. In step 6, the home registration server accesses 
the subscriber's directory to learn detail subscriber service profile information 
(e.g., quality of service options subscribed to, etc.). In step 7, the home 
registration server notifies the foreign registration server of the access response. 
In step 8, the foreign registration server forwards to the foreign agent the access 
response. In step 9, the foreign agent notifies the end system (i.e. , mobile) of the 
registration reply. 

Protocol handling scenarios handle bearer data and the associated stacks tor 
transporting bearer data to and from an end system. The protocol stacks for the 
cell architectures use local APs (FIG. 17) and remote APs (FIG. 18), 

FIG. 17 shows the protocol stacks for handling communications between 
an end system (in its home network) and a home IWF for End System @ Home. 
FIG. 17 shows the protocol handling for a cell architecture where the access point 
and the wireless hub are co- located. 
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FIG. 18 shows the protocol handling for a cell architecture where the 
access point is located remotely from the wireless hub. As shown, PPP terminates 
in the IWF and the configuration provides direct internet access. The 
configuration for the case where the PPP server is separate from the IWF is 
described later. 

In FIG. 18, PPP frames from the end system are encapsulated in RLP 
(radio link protocol) frames which are encapsulated at the remote access point in 
MAC frames for communicating with the trunk access point (i.e., an access point 
physically located near the wireless hub), the remote access point being coupled to 
the access point by, for example, a wireless trunk). The access point functions as 
a MAC layer bridge and relays frames from the air link to the foreign agent in the 
wireless hub. The foreign agent de-encapsulates the RLP frames out of the MAC 
frames, and using the xtunnel protocol, relays the RLP frames to the IWF. A 
similar, albeit reverse, process occurs for transmitting frames from the IWF to the 
end system. 

If the end system moves to another foreign agent, then a new xtunnel will 
be automatically created between the new foreign agent and the IWF, so that PPP 
traffic continues to flow between them, without interruption. 

In the remote AP cell architecture (FIG. 18) using wireless trunks between 
the remote AP and the trunk AP, the air link between the end system and the 
access point may operate at a different frequency (f 1) and use a different radio 
technology as compared to the frequency (f2) and radio technology of the trunk. 

FIG. 19 shows the protocol stacks for a roaming end system. The serving 
IWF uses of the I-xttmnel protocol between the serving IWF and home IWF. The 
rest of the protocol stacks remain unchanged and are not shown. This architecture 
may be simplified by merging the serving IWF into the base station, thus 
eliminating the XWD protocol. 

The RLP layer uses sequence numbers to drop duplicate PPP datagrams 
and provide in-sequence delivery of PPP datagrams between the end system and 
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the IWF. It also provides a configurable keep-alive mechanism to monitor iink 
connectivity between the end system and die IWF. Additionally, in an alternative 
embodiment, the RLP layer also provides re- trans miss ion and flow control 
services in order to reduce the overall bit error rate of the link between the end 
system and the IWF. The RLP between the end system and the IWF is started at 
the beginning of the session and remains active throughout the session and even 
across hand-offs. 

In contrast to the specification in the mobile IP RFC (RFC 2003), fP in IP 
encapsulation is not used for tunneling between the foreign agent and the home 
IWF. Instead a new tunneling protocol, implemented on top of UDP is used. This 
tunneling protocol is a simplified version of the L2TP protocol. The reasons for 
this choice are as follows. 

1. The encapsulation protocol specified in RFC 2003 does not provide 
flow control or in-scquence delivery of packets. The presently 
described network may need these services in the tunnel over the 
backhaul. Flow control may be needed to reduce the amount of re- 
transmissions over the air link because of packet loss due to flow 
control problems over the network between the base station and the 
MSC or because of flow control problems in the base station or the 
IWF. 

2. By using a UDP based tunneling protocol, the implementation can 
be done at the user level and then put into the kernel for 
performance reasons, after it has been debugged. 

3. Using RFC 2003, there is no easy way of creating tunnels taking 
into account quality of service and load balancing. In order to take 
QOS into account, it should be possible to set up tunnels over links 
that already provide the required QOS. Secondly, using RFC 2003. 
there is no easy way to provide load balancing to distribute bearer 
traffic load over multiple links between the base station and the 
MSC. 
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4. In order to implement IP in IP encapsulation as specified in RFC 
2003, developers require access to IP source code. In commercial 
operating systems, source code for the TCP/IP stack is generally 
proprietary to other equipment manufacturers. Purchasing the 
TCP/IP stack from a vendor and making changes to the IP layer to 
support mobile IP tunneling would require a developer to continue 
supporting a variant version of the TCP/IP stack. This adds cost 
and risk. 

While it is noted that the tunneling protocol between the base station and 
the IWF is non-standard and that the wireless service provider will not be able to 
mix and match equipment from different vendors, the use of a non-standard 
tunneling protocol within a single wireless service provider network is transparent 
to end systems and equipment from other vendors. 

The new tunneling protocol is based on L2TP. By itself, L2TP is a 
heavyweight tunneling protocol so that L2TP has a lot of overhead associated with 
tunnel creation and authentication. The new tunneling protocol of the present 
system has less overhead. The new xtunnel protocol has the following features. 

t . The xtunnel creation adds vendor specific extensions to Radius 

Access Request and Radius Access Response messages between the 
base station and the registration server. These extensions negotiate 
tunnel parameters and to create the tunnel. 

2. The registration server is able to delegate the actual work of 
tunneling and relaying packets to a different IP address, and 
therefore, to a different server in the MSC. This permits the 
registration server to do load balancing across multiple IWF servers 
and to provide different QOS to various users. 

3. The xtunnel protocol supports in-band control messages for tunnel 
management. These messages include echo request/response to test 
tunnel connectivity, disconnect request/response/notify to 
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disconnect the tunnel and error notify for error notifications. These 
messages are sent over the tunneling media, for example, UDP/IP. 

4. The xtunnel protocol sends payload data over the tunneling media, 
for example, UDP/IP. The xtunnel protocol supports flow control 
and in-sequence packet delivery. 

5 . The xtunnel protocol may be implemented over media other than 
UDP/IP for quality of service. 

The network supports direct internet connectivity by terminating the PPP in 
the home IWF and routing IP packets from the IWF to the internet via a router 
using standard IP routing techniques. Preferably, the IWF runs Routing 
Information Process (RIP), and the router also runs RIP and possibly other routing 
protocols like Open Shortest Path First (OSPF). 

The network supports a first configuration for a wireless service provider 
who is also an internet service provider. In this configuration, the home IWF in 
the MSC also functions as a PPP server. This IWF also runs internet routing 
protocols like RIP and uses a router to connect to the internet service provider's 
backbone network. 

The network supports a second configuration for a wireless service 
provider who wishes to allow end systems to connect to one or more internet 
service providers, either because the WSP itself is not ISPs, or because the WSP 
has agreements with other ISPs to provide access to end users. For example, a 
wireless service provider may elect to offer network access to an end user and may 
have an agreement with a 3 rd party ISP to allow the user who also has an account 
with the 3 rt party ISP to access the ISP from the WSP network. In this 
configuration, the PPP server does not run in the home IWF installed at the MSC. 
Instead, a tunneling protocol like L2TP (Layer Two Tunneling Protocol) is used 
to tunnel back to the ISP's PPP server. FIG. 10 shows the protocol stacks for this 
configuration for an end system that is at home. 
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The location of the home IWF and die ISP PPP server remains fixed 
throughout the PPP session. Also, the L2TP tunnel between the IWF and the 
ISP's PPP server remains up throughout the PPP session. The physical link 
between the IWF and the PPP server is via a router using a dedicated Tl or T3 or 
frame relay or ATM network. The actual nature of the physical link is not 
important from the point of view of the architecture. 

This configuration also supports intranet access. For intranet access, the 
PPP server resides in the corporate intranet and the home IWF uses L2TP to 
tunnel to it. 

For a fixed end system, the protocol handling for intranet or ISP access is 
as shown in FIG. 20 with the difference diat the roaming end system uses a 
serving IWF to connect to its home IWF. The protocol handling between a 
serving IWF and a home IWF has been described earlier. In Figure 20, the home 
IWF may be merged into the wireless hub eliminating the X-Tunnel protocol. 
Also, the serving IWF may be merged into the wireless hub, thus eliminating the 
X-Tunnel protocol. 

FIG. 2 1 shows the protocol stacks used during the registration phase (end 
system registration) for a local AP cell architecture. The stack for a remote AP 
cell architecture is very similar. 

The scenario shown above is for a roaming end system. For an end system 
at home, there is no foreign registration server in the registration path. 

Note the mobility agent in the end system. The mobility agent in the end 
system and foreign agent in the wireless hub are conceptually similar to the mobile 
IP RFC 2002. The mobility agent handles network errors using time-outs and re- 
trys. Unlike the known protocol stacks for bearer data, RLP is not used. The 
foreign agent and the registration servers use Radius over UDP/IP to communicate 
with each other for registering the end system. 

Several aspects of security must be considered. The first, authenticating 
the identities of the end system and the foreign/home networks during the wireless 
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registration phase. Second, authenticating the identity of the end system with its 
PPP server during the PPP authentication phase. Third, authentication for storing 
accounting data, for billing and for updating home domain information. Fourth, 
encryption of bearer traffic transmitted to and from the end system. Fifth, 
encryption for exchanging billing information across service provider boundaries. 

Shared secrets are used to authenticate the identity of end systems with 
their home networks and the identity of the home and foreign networks with each 
other during wireless registration. 

End system authentication uses a 128-bit shared secret to create an 
authenticator for its registration request. The authenticator is created using the 
known MD5 message digest algorithm as described in the mobile IP RFC 2002. 
Alternatively, a different algorithm may be used. The shared secret is not sent in 
the registration request by the end system. Only the authenticator is sent. On 
receiving the registration request from the end system, the home registration server 
re-computes the authenticator over the registration request data using the shared 
secret. If the computed authenticator value matches the authenticator value sent by 
the end system, the home registration server allows the registration process to 
proceed, [f the values do not match, the home registration server logs the event, 
generates a security violation alarm and a nak (i.e., a negative acknowledgment) to 
the request. 

In the registration reply, the home registration server does the same - that 
is to say, uses the shared secret to create an authenticator for the registration reply 
that it sends to the end system. Upon receiving the reply, the end system re- 
computes the authenticator using the shared secret. If the computed value does not 
match the authenticator value sent by the home registration server in the reply, the 
end system discards the reply and tries again. 

These network security concepts are similar to the concepts defined in 
mobile IP RFC 2002. According to the RFC, a mobility security association exist 
between each end system and its home network. Each mobility security 
association defines a collection of security contexts. Each security context defines 
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an authentication algorithm, a mode, a secret (shared or public-private), style of 
replay protection and the type of encryption to use. In the context of the present 
network, the end system's User-Name (in lieu of the mobile IP home address) is 
used to identify the mobility security association between the end system and its 
home network. Another parameter, called the security parameter index (SPI), is 
used to select a security context within the mobility security association. In a 
basic embodiment of the invention, only the default mobile IP authentication 
algorithm (keyed-MD5) and the default mode ("prefix + suffix") are supported 
with 128-bit shared secrets. Network users are allowed to define multiple shared 
secrets with their home networks. The mechanism for creating security contexts 
for end users, assigning an SPI to each security context and for setting the contents 
of the security context (which includes the shared secret) and for modifying their 
contents are described below. During registration, a 128-bit message digest is 
computed by the end system in prefix + suffix mode using the MD5 algorithm. 
The shared secret is used as the prefix and the suffix for the data to be protected in 
the registration request. The authemicator thus computed, along with the SPI and 
the User-Name are transmitted in the registration request by the end system. Upon 
receiving the end system's registration request, the foreign registration server 
relays the request along with the authemicator and the SPI, unchanged to the home 
registration server. Upon receiving the registration request directly from the end 
system or indirectly via a foreign registration server, the home registration server 
uses the SPI and the User-Name to select the security context. The home server 
re-computes the authenticator using the shared secret. If the computed 
authenticator value matches the value of the authenticator sent in the request by the 
end system, the user's identity will have been successfully authenticated. 
Otherwise, the home registration server naks (negatively acknowledges) the 
registration request sent by the end system. 

The registration reply sent by the home registration server to the end 
system is also authenticated using the algorithm described above. The SPI and the 
computed authenticator value is transmitted in the registration reply message by 
the home server to the end system. Upon receiving the reply, the end system re- 
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computes the authenticator, and if the computed value does not match the 
transmitted value, it will discard the reply and retry. 

The user's end system has to be configured with the shared secret and SPls 
for all security contexts that the user shares with its registration server(s). This 
configuration information is preferably stored in a Win 95 registry for Windows 
95 based end systems. During registration, this information is accessed and used 
for authentication purposes. 

In the network, Radius protocols are used by foreign agent FA to register 
the end system and to configure the xtunnel between the wireless hub and the 
home and serving rWFs on behalf of the end system. On receiving a registration 
request from the end system, the FA creates a Radius Access-Request packet, 
stores its own attributes into the packet, copies the end system's registration 
request attributes unchanged into this packet and sends the combined request to the 
registration server in the MSC. 

Radius authentication requires that the Radius client (in this case, the FA in 
the base station) and the Radius server (in this case, the registration server in the 
MSC) share a secret for authentication purposes. This shared secret is also used to 
encrypt any private information communicated between the Radius client and the 
Radius server. The shared secret is a configurable parameter. The network 
follows the recommendations in the Radius RFC and uses the shared secret and the 
MD5 algorithm for authentication and for encryption, where encryption is needed. 
The Radius-Access Request packet sent by the FA contains a Radius User-Name 
attribute (which is provided by the end system) and a Radius User-Password 
attribute. The value of the User-Password attribute is also a configurable value 
and encrypted in the way recommended by the Radius protocol. Other network 
specific attributes, which are non-standard attributes from the point of view of the 
Radius RFC standards, are encoded as vendor specific Radius attributes and sent in 
the Access-Request packet. 

The following attributes are sent by the FA to its registration server in the 
Radius Access-Request packet. 
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1 . User-Name Attribute. This Ls the end system's user-name as 
supplied by the end system in its registration request. 

2. User-Password Attribute. This user password is supplied by the base 
station/wireless hub on behalf of the user, It is encoded as 
described in the Radius EFC using the secret shared between the 
base station and its registration server. 

3. NAS-Port. This is the port on the base station. 

4. NAS-IP-Address. This is the IP address of the base station. 

5. Service-Type. This is framed service. 

6. Framed Protocol. This is a PPP protocol. 

7. Xtunnel Protocol Parameters. These parameters are sent by the 
base station to specify the parameters necessary to set up the xtunnel 
protocol on behalf of the end system. This is a vendor -specific 
attribute. 

8. AP-IP-Address. This is the IP address of the AP through which the 
user is registering. This is a vendor-specific attribute. 

9. AP-MAC-Address. This is the MAC address of the AP through 10. 

10. End system's Registration Request. The registration request from 
the end system is copied unchanged into this vendor specific 
attribute. 

The following attributes are sent to the FA from the registration server in 
the Radius Access-Response packet. 

1. Service Type. This is a framed service. 

2. Framed-Proiocol. This is a PPP. 
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3. 3. Xtunnel Protocol Parameters. These parameters are sent by 
the registration server to specify the parameters necessary to set up 
the xtunnel protocol on behalf of the end system. This is a vendor- 
specific attribute. 

4. Home Registration Server's Registration Reply. This attribute is sent 
to the FA from the home registration server. The FA relays this 
attribute unchanged to the end system in a registration repJy packet. 
If there is a foreign registration server in the path, this attribute is 
relayed by it to the FA unchanged. It is coded as a vendor-specific 
attribute. 

To provide service to roaming end systems, the foreign network and the 
home network are authenticated to each other for accounting and billing purposes 
using the Radius protocol for authentication and configuration. This authentication 
is performed at the time of end system registration. As described earlier, when 
the registration server in the foreign network receives a registration request from 
an end system (encapsulated as a vendor specific attribute in a Radius-Access 
Request packet by the FA), it uses the end system's User-Name to determine the 
identity of the end system's home registration server by consulting its home 
domain directory HDD. The following information is stored in home domain 
directory HDD and accessed by the foreign registration server in order to forward 
the end system's registration request. 

1, Home Registration Server IP Address. This is the TP address of the 
home registration server to forward the registration request. 

2. Foreign Registration Server Machine Id, This is the machine ID of 
the foreign registration server in SMTP (simplified mail transfer 
protocol) format (e.g., machine® fqdn where machine is the name 
of the foreign registration server machine and fqdn is the fully 
qualified domain name of the foreign registration server's domain). 
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3. Tunneling Protocol Parameters. These are parameters for 
configuring the tunnel between the serving IWF and the home IWF 
on behalf of the end system. These include the tunneling protocol 
to be used between them and the parameters for configuring the 
tunnel. 

4. Shared Secret. This is the shared secret to be used for uthentication 
between the foreign registration server and the home registration 
server. This secret is used for computing the Radius User-Password 
attribute in the Radius packet sent by the foreign registration server 
to the home registration server. It is defined between the two 
wireless service providers. 

5. User-Password. This is the user password to be used on behalf of 
the roaming end system. This user password is defined between the 
two wireless service providers. This password is encrypted using 
the shared secret as described in the Radius RFC. 

6. Accounting Parameters. These are parameters for configuring 
accounting on behalf of the end system that is registering. These 
parameters are sent by the registration server to its IWF for 
configuring accounting on behalf of the end system. 

Using this information, the foreign registration server creates a Radius 
Access-Request, adds its own registration and authentication information into the 
Radius Access-Request, copies the registration information sent by the end system 
unchanged into the Radius Access -Request and sends the combined request to the 
home registration server. 

Upon receiving the Radius-Access Request from the foreign registration 
server (for a roaming end system) or directly from the FA (for an end system at 
home), the home registration server consults its own directory server for the 
shared secrets to verify the identity of the end system and the identity of the 
foreign registration server in a roaming scenario by re-computing authenticators . 
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After processing the request successfully, the home registration server 
creates a Radius Access-Accept response packet and sends it to the foreign 
registration server if the end system is roaming, or directly to the FA from which 
it received the Radius Access-Request. The response contains the registration 
reply attribute that the FA relays to the end system. 

If the request can not be processed successfully, the home registration 
server creates a Radius Access-Reject response packet and sends it to the foreign 
registration server if the end system is roaming, or directly to the FA from which 
it received the Radius Access-Request. The response contains the registration 
reply attribute that the FA will relays to the end system. 

In a roaming scenario, the response from the home registration server is 
received by the foreign registration server. It is authenticated by the foreign 
registration server using the shared secret. After authenticating, the foreign 
registration server processes the response, and in turn, it generates a Radius 
response packet (Accept or Reject) to send to the FA. The foreign registration 
server copies the registration reply attribute from the home registration server=s 
Radius response packet, unchanged, into its Radius response packet. 

When the FA receives the Radius Access-Response or Radius Access - 
Reject response packet, it creates a registration reply packet using the registration 
reply attributes from the Radius response, and sends the reply to the end system, 
thus completing the round trip registration sequence. 

Mobile IP standards specifies that replay protection for registrations are 
implemented using time stamps, or optionally, using nonces. However, since 
replay protection using time stamps requires adequately synchronized time-of-day 
clocks between the corresponding nodes, the present system implements replay 
protection during registration using nonces even though replay protection using 
time stamps is mandatory in the Mobile IP standards and the use nonces is 
optional. However, replay protection using time stamps as an alternative 
embodiment is envisioned. 
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The style of replay protection used between nodes is stored in die security 
context in addition to the authentication context, mode, secret and type of 
encryption. 

The network supports the use of PPP PAP (password authentication) and 
CHAP (challenge authenticated password) between the end system and its PPP 
server. This is done independently of the registration and authentication 
mechanisms described earlier. This allows a private intranet or an ISP to 
independently verify the identity of the user. 

Authentication for accounting and directory services is described below 
with respect to accounting security. Access to directory servers from network 
equipment in the same MSC need not be authenticated. 

The network supports encryption of bearer data sent between the end 
system and the home IWF. End systems negotiate encryption to be on or off by 
selecting the appropriate security context. Upon receiving the registration request, 
the home registration server grants the end system^ request for encryption based 
upon the security context. In addition to storing the authentication algorithm, 
mode, shared secret and style of replay protection, the security context is also used 
to specify the style of encryption algorithm to use. If encryption is negotiated 
between the end system and the home agent, then the complete PPP frame is so 
encrypted before encapsulation in RLP. 

The IWF, the accounting server and the billing system are part of the same 
trusted domain in the MSC. These entities are either connected on the same LAN 
or part of a trusted intranet owned and operated by the wireless service provider. 
Transfer of accounting statistics between the IWF and the accounting server and 
between the accounting server and the customer's billing system may be encrypted 
using Internet IP security protocols like IP-Sec. 

The network makes it more difficult to monitor the location of the end 
system because it appears that all PPP frames going to and from the end system go 
through the home IWF regardless of the actual location of the end system device. 
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Accounting data is collected by the serving IWF and the home IWF in the 
network. Accounting data collected by the serving IWF is sent to an accounting 
server in the serving IWF*s MSG. Accounting data collected by the home IWF is 
sent to an accounting server in the home IWF's MSC. The accounting data 
collected by the serving IWF is used by the foreign wireless service provider for 
auditing and for settlement of bills across wireless service provider boundaries (to 
support roaming and mobility). The accounting data collected by the home IWF is 
used for billing the end user and also for settlement across wireless service 
provider boundaries to handle roaming and mobility. 

Since all data traffic flows through the home IWF, regardless of the end 
system's location and the foreign agent's location, the home IWF has all the 
information to generate bills for the customer and also settlement information for 
the use of foreign networks. 

The serving IWF and the home IWF preferably use the Radius accounting 
protocol for sending accounting records for registered end systems. The Radius 
accounting protocol is as documented in a draft IETF RFC- For the present 
invention, the protocol has to be extended by adding vendor specific attributes for 
the network and by adding check-pointing to the Radius Accounting protocol. 
Check-pointing in this context refers to the periodic updating of accounting data to 
minimize risk of loss of accounting records. 

The Radius accounting protocol runs over U DP/IP and uses re-try s based 
on acknowledgment and time outs. The Radius accounting client (serving IWFs or 
home IWFs) send UDP accounting request packets to their accounting servers 
which send acknowledgments back to the accounting clients. 

In the network, the accounting clients (serving IWF and the home IWF) 
emit an accounting start indication at the start of the user's session and an 
accounting stop indication at the end of the user's session. In the middle of the 
session, the accounting clients emit accounting checkpoint indications. In contrast, 
the Radius accounting RFC does not specify an accounting checkpoint indication. 
The software of the present system creates a vendor specific accounting attribute 
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for this purpose. This accounting attribute is present in all Radius Accounting- 
Request packets which have Acct-Status-Type of Start (accounting start 
indications). The value of this attribute is used to convey to the accounting server 
whether the accounting record is a check-pointing record or not. Check-pointing 
accounting reports have a time attribute and contain cumulative accounting data 
from the start of the session. The frequency of transmitting check-point packets is 
configurable in the present invention. 

The serving IWF and the home I WF are configured by their respective 
registration servers for connecting to their accounting servers during the 
registration phase. The configurable accounting parameters include the IP address 
and UDP port of the accounting server, the frequency of check-pointing, the 
session/multi-session id and the shared secret to be used between the accounting 
client and the accounting server. 

The network records the following accounting attributes for each registered 
end system. These accounting attributes are reported in Radius accounting packets 
at the start of the session, at the end of the session and in the middle (check-point) 
by accounting clients to their accounting servers. 

1 . User Name. This is like the Radius User-Name attribute discussed 
above. This attribute is used to identify the user and is present in 
all accounting reports. The format is "userSdomain" where 
domain is the fully qualified domain name of the user's home. 

2. NAS IP Address. This is like the Radius NAS-TP- Address attribute 
discussed above. This attribute is used to identify the IP address of 
the machine running the home IWF or the serving IWF. 

3. Radio Port. This attribute identifies the radio port on the access 
point providing service to the user. This attribute is encoded as a 
vendor specific attribute. 
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4. Access Point IP Address. This attribute identifies the IP address of 
the access point providing service to the user. This attribute is 
encoded as a vendor specific attribute. 

5. Service Type, This is like the Radius Service-Type attribute 
described above. The value of this attribute is Framed. 

6. Framed Protocol This is like the Radius Framed- Protocol attribute 
described above. The value of this attribute is set to indicate PPP, 

7. Accounting Status Type, This is like the Radius Aoct-Status-Type 
attribute described above. The value of this attribute may be Start to 
mark the start of a user's session with the Radius client and Stop to 
mark the end of the user's session with the Radius client. For 
accounting clients, the Acct-Status-Type/Start attribute is generated 
when the end system registers. The Acct-Status-type/Stop attribute 
is generated when the end system de-registers for any reason. For 
checkpoints, the value of this attribute is also Start and the 
Accounting Checkpoint attribute is also present. 

8. Accounting Session Id, This is like the Radius Acct-Session-Id 
described above. In a roaming scenario, this session id is assigned 
by the foreign registration server when the end system issues a 
registration request. It is communicated to the home registration 
server by the foreign registration server during the registration 
sequence. The home network and the foreign network both know 
the Acct-Session-Id attribute and are able to emit this attribute while 
sending accounting records to their respective accounting servers. 
In a "end system-at-home" scenario, this attribute is generated by 
the home registration server. The registration server communicates 
the value of this attribute to the IWF which emits it in all 
accounting records. 
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9. Accounting Multi-Session Id. This is like the Radius Acct-Multi- 
Session-Id discussed above. This id is assigned by the home 
registration server when a registration request is received from a FA 
direcily or via a foreign registration server on behalf of an end 
system. It is communicated to the foreign registration server by the 
home registration server in the registration reply message. The 
registration scrver(s) communicates the value of this attribute to die 
IWF(s) which emit it in aH accounting records. 

With true mobility added to the architecture, the id is used to relate 
together the accounting records from different IWFs for the same end system if the 
end system moves from one IWF to another. For hand-offs across IWF 
boundaries, the Acct-Sess ion-Id is different for accounting records emanating from 
different [WFs. However, the Acct- Multi-Session-Id attribute is the same for 
accounting records emitted by all IWFs that have provided service to the user. 
Since the session id and the multi-session id are known to both the foreign network: 
and the home network, they are able to emit these attributes in accounting reports 
to their respective accounting servers. With the session id and the multi-session 
id, billing systems are able to correlate accounting records across IWF boundaries 
in the same wireless service provider and even across wireless service provider 
boundaries. 

L Accounting Delay Time. See Radius Acct-De lay-Time attribute. 

2. Accounting Input Octets. See Radius Acct-Input-Octets. This 
attribute is used to keep track of the number of octets sent by the 
end system (input to the network from the end system). This count 
is used to track the PPP frames only. The air link overhead, or any 
overhead imposed by RLP, etc. is not counted. 

3. Accounting Output Octets, See Radius Acct-Output-Octets. This 
attribute is used to keep track of the number of octets sent to the 
end system (output from the network to the end system). This 
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count is used to track the PPP frames only. The air link overhead, 
or any overhead imposed by RLP, etc. and is not counted. 

4. Accounting Authentic. See Radius Acct- Authentic attribute. The 
value of this attribute is Local or Remote depending on whether the 
serving IWF or the home IWF generates the accounting record. 

5. Accounting Session Time. See Radius Acct-Sess ion-Time attribute. 

This attribute indicates the amount of time that the user has been 
receiving service. If sent by the serving IWF, this attribute tracks 
the amount of time that the user has been receiving service from 
that serving IWF. If sent by the home IWF, this attribute tracks the 
amount of time that the user has been receiving service from the 
home IWF. 

6. Accounting Input Packets. See Radius Acct-Input-Packets attribute. 

This attribute indicates the number of packets received from the 
end system. For a serving IWF, this attribute tracks the number of 
PPP frames input into the serving IWF from an end system. For a 
home IWF, this attribute tracks the number of PPP frames input 
into the home IWF from an end system. 

7- Accounting Output Packets. See Radius Acct-Output-Packets 

attribute. This attribute indicates the number of packets sent to the 
end system. For a serving IWF, this attribute tracks the number of 
PPP frames output by the serving IWF to the end system. For a 
home IWF, this attribute tracks the number of PPP frames sent to 
the end system from the home IWF. 

8. Accounting Terminate Cause. See Radius Acct-Terminate-Cause 

attribute. This attribute indicates the reason why a user session was 
terminated. In addition, a specific cause code is also present to 
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provide additional details. This attribute is only present in 
accounting reports at the end of the session. 

9. Network Accounting Terminate Cause. This attribute indicates a 
detailed reason for terminating a session. This specific attribute is 
encoded as a vendor specific attribute and is only reported in a 
Radius Accounting attribute at the end of session. The standard 
Radius attribute Acct-Terminate-Cause is also present. This 
attribute provides specific cause codes, not covered by the Acct- 
Terminate-Cause attribute. 

10. Network Air link Access Protocol This attribute indicates the air 
link access protocol used by the end system. This attribute is 
encoded as a vendor specific attribute. 

11. Network Backhaul Access Protocol. This attribute indicates the 
backhaul access protocol used by the access point to ferry data to 
and from the end system. This attribute is encoded as a vendor 
specific attribute. 

12. Network Agent Machine Name. This attribute is the fully qualified 
domain name of the machine running the home IWF or the serving 
IWF. This specific attribute is encoded in vendor specific format. 

13. Network Accounting Check point. Since the Radius accounting RFC 
does not define a check-point packet, the present network 
embodiment uses a Radius accounting start packet with this attribute 
to mark a check-point. The absence of a check-point attribute 
means a conventional accounting start packet. The presence of this 
attribute in a accounting start packet means a accounting check- 
point packet, Accounting stop packets do not have this attribute. 

In the preferred embodiment, every accounting packet and the 
corresponding reply must be authenticated using MD5 and a shared secret. The 
IWFs are configured with a shared secret that are used by thern for authentication 
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during communication with their Radius accounting server. The shared secrets 
used by the IWFs for communicating with accounting servers are stored in the 
home/foreign domain directory located in the MSC. The shared secrets for 
accounting security are communicated to the IWFs by their registration servers 
during the end system registration sequence. 

The accounting server software runs in a computer located in the MSC. 
The role of the accounting server in the system is to collect raw accounting data 
from die network elements (the home and the serving IWFs), process the data and 
store it for transfer to the wireless service provider's billing system. The 
accounting server does not include a billing system. Instead, it includes support 
for an automatic or manual accounting data transfer mechanism. Using the 
automatic accounting data transfer mechanism, the accounting server transfers 
accounting records in AMA billing format to the customer's billing system over a 
TCP/IP transport. For this purpose, the system defines AMA hilling record 
formats for packet data. Using the manual transfer mechanism, customers are able 
to build a tape to transfer accounting records to their billing system. In order to 
build the tape to their specifications, customers are provided with information to 
access accounting records so that they may process them before writing them to 
tape. 

In FIG. 22, the raw accounting data received by the accounting server from 
the home or serving IWFs are processed and stored by the accounting server. The 
processing done by the accounting server includes filtering, compression and 
correlation of the raw accounting data received from the IWF. A high availability 
file server using dual active/standby processors and hot swappable RAID disks is 
used for buffering the accounting data while it is transiting through the accounting 
server. 

The accounting server delays processing of the raw accounting data until an 
end system has terminated its session. When an end system terminates its session, 
the accounting server processes the raw accounting data that it has collected for the 
session and stores an accounting summary record in a SQL database. The 
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accounting summary record stored in the SQL data base points to an ASN. 1 
encoded file. This file contains detailed accounting information about the end 
system's session. The data stored in the accounting server is then transferred by 
the billing data transfer agent to the customer's billing system. Alternatively, the 
wireless service provider may transfer the accounting data from the SQL database 
and/or the ASN. I encoded file to the billing system via a tape. The data base 
scheme and the format of the ASN. 1 encoded file are documented and made 
available to customers for this purpose. If the volume of processed accounting 
data stored in the accounting system exceeds a high water mark, the accounting 
server generates an NMS alarm. This alarm is cleared when the volume of data 
stored in the accounting server falls below a low water mark. The high and low 
water marks for generating and clearing the alarm are configurable. The 
accounting server also generates an NMS alarm if the age of the stored accounting 
data exceeds a configurable threshold. Conversely, the alarm is cleared, when the 
age of the accounting data falls below the threshold. 

The subscriber directory is used to store information about subscribers and 
is located in the home network. The home registration server consults this 
directory during the registration phase to authenticate and register an end system. 
For each subscriber, the subscriber directory stores the following information. 

1. User-Name. This field in the subscriber record will be in SMTP 
format (e.g., user@fqdn) where the user sub-field will identify the 
subscriber in his or her wireless home domain and the fqdn sub- 
field will identify the wireless home domain of the subscriber. This 
field is sent by the end system in its registration request during the 
registration phase. This field is assigned by the wireless service 
provider to the subscriber at the time of subscription to the network 
service. This field is different than the user name field used in 
PPP. 

2. Mobility Security Association. This field in the subscriber record 
contains the mobility security association between the subscriber 
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and his or her home network. As described above, a mobility 
security association exists between each subscriber and its home 
registration server. The mobility security association defines a 
collection of security contexts. Each security context defines an 
authentication algorithm, an authentication mode, a shared secret, 
style of replay protection and the type of encryption (including no 
encryption) to use between the end system and its home server. 
During registration, the home registration server retrieves 
information about the subscriber's security context from the 
subscriber directory using the User-Name and the security 
parameter index (SPl) supplied by the end system in its registration 
request. The information in the security context is used for 
enforcing authentication, encryption and replay protection during 
the session. The mobility security association is created by the 
wireless service provider at the time of subscription. It is up to the 
wireless service provider to permit the subscriber to modify this 
association either by calling up a customer service representative or 
by letting subscribers access to a secure Web site. The Web site 
software will export web pages which the wireless service provider 
may make accessible to subscribers from a secure web server. In 
this way, subscribers are able to view/modify the contents of the 
mobility security association in addition to other subscriber 
information that the service provider may make accessible. 

Modem MAC Address, This field contains the MAC address of the 
modem owned by the subscriber. In addition to the shared secret, 
this field is used during registration to authenticate the user. It is 
possible to turn off MAC address based authentication on a per user 
basis. The MAC address is communicated to the home registration 
server during registration. 
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4. Enable MAC Address Authentication. This field is used to determine 
if MAC address based authentication is enabled or disabled. If 
enabled, the home registration server checks the MAC address of 
the registering end system against this field to validate the end 
system's identity. If disabled, then no checking is done. 

5. Roaming Enabled Flag. If this field is set to enabled, then the end 
system is allowed to roam to foreign networks. If this field is 
disabled, then the end system is not permitted to roam to foreign 
networks, 

6. Roaming Domain List. This field is meaningful only if the Roaming 
Enabled Flag is set to enabled. This field contains a list of foreign 
domains that the end system is allowed to roam to. When the 
contents of this list is null and the Roaming Enabled Flag is set to 
enabled, the end system is allowed to roam freely. 

1. Service Enable/Disable Flag, This field may be set to disabled by 
the system administrator to disable service to a subscriber. If this 
field is disabled, then the subscriber is permitted to register for 
service. If the subscriber is registered and the value of this field is 
set to disabled, then the subscriber's end system is immediately 
disconnected by the network. 

8. Internet Service Provider Association. This field contains 

information about the subscriber's internet service provider. This 
information is used by the FWF during the PPP registration phase to 
perform authentication with the internet service provider on behalf 
of the end system and also to create a L2TP tunnel between the 
IWF and the internet service provider's PPP server. This field 
contains the identity of the subscriber's ISP. The IWF uses this 
information to access the ISP directory for performing 
authentication and setting up the L2TP tunnel on behalf of the end 
system. 
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9. Subscriber's Name & Address Information. This field contains the 
subscriber's name, address, phone, fax, e-maii address, etc. 

The home domain directory (HDD) is used by the registration server to 
retrieve parameters about the end system to complete registration on behalf of the 
end system. Using this information, the registration server determines if die end 
system is registering at home or if the end system is a roaming end system. In the 
former case, the registration server assumes the role of a home registration server 
and proceed with end system registration. In the latter case, the registration server 
assumes the role of a foreign registration server and, acting as a Radius proxy, it 
forwards the request to the real home registration server whose identity it gets 
from this directory. For roaming end system, the parameters stored in the HDD 
include the IP address of the home registration server, the home-foreign shared 
secret, the home-serving IWF tunnel configuration etc. The HDD is located in the 
MSG. 

The following information is stored in the HDD. 

1 . Home Domain Name, This field is used as the key to search the 
HDD for an entry that matches the fully qualified home domain 
name provided by the end system in its registration request. 

2. Proxy Registration Request. This field is used by the registration 
server to determine if it should act as a foreign registration server 
and proxy the end system's registration request to the real home 
registration server. 

3. Home Registration Server DNS Name. If the proxy registration 
request flag is TRUE, this field is used to access the DNS name ot 
the real home registration server. Otherwise, this field is ignored. 
The DNS name is translated to an IP address by the foreign 
registration server. The foreign registration server uses the IP 
address to relay the end system's registration request. 
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4. Foreign Domain Name, [f the prary registration request flag is 
TRUE, this field is used to identify the foreign domain name to the 
end system's home registration server. Otherwise, this field is 
ignored. The foreign registration server uses this information to 
create the foreign server machine id in SMTP format, for example, 
machine@fqdn. This machine id is sent to the home registration 
server by the foreign registration server in the Radius-Access 
Request. 

5. Shared Secret. If the proxy registration request flag is TRUE, the 
shared secret is used between the foreign and home registration 
servers to authenticate their identity with each other. Otherwise this 
field is ignored. 

6. Tunneling Protocol Parameters. This field is used to store 
parameters to configure the tunnels to provide service to the end 
system. For an end system at home, this includes information on 
tunnel parameters between the base station and the home IWF and 
from the home IWF to the PPP server. For a roaming end system, 
this includes tunneling parameters from the base station to the 
serving IWF and from the serving IWF to the home IWF. At a 
minimum, for each tunnel, this field contains the type of tunneling 
protocol to use and any tunneling protocol specific parameters. For 
example, this field may contain the identifier for the tunneling 
protocol L2TP and any additional parameters required to configure 
the L2TP tunnel between the IWF and its peer. 

7. Accounting Server Association. This field is used to store 
information needed by the IWF to generate accounting data on 
behalf of the end system. It contains the name of the accounting 
protocol (e.g. RADIUS), the DNS name of the accounting server 
and additional parameters specific to the accounting protocol like 
the UDP port number, the shared secret that the IWF must use in 
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the Radius Accounting protocol, the frequency of check-pointing, 
the seed for creating the session/multi-session id, etc, The 
accounting server's DNS name is translated to the accounting 
server's IP address, which is sent to the IWF. 

For wireless service providers that have roaming agreements with each other, 
the HDD is used for authentication and to complete the registration process. If an 
end system roams from its home network to a foreign network, the foreign 
registration server in that network consults the HDD in its MSC to get information 
about the visiting end system's home registration and to authenticate the home 
network before it provides service to the visiting end system. 

The software for home domain directory management preferably provides a 
graphical user interface (GUI) based HDD management interface for system 
administrators. Using this GUI, system administrators are able to view and update 
entries in the HDD. This GUI is not intended for use by foreign wireless network 
service providers to perform remote updates based on roaming agreements. It is only 
intended for use by trusted personnel of die home wireless service provider operating 
behind fire walls. 

The foreign domain directory (FDD) provides functionality that is the reverse 
of the home domain directory. The FDD is used by the home registration server to 
retrieve parameters about the foreign registration server and the foreign network in 
order to authenticate the foreign network and create a tunnel between a serving IWF 
and a home IWF. These parameters include the home-foreign shared secret, the 
home IWF-serving IWF tunnel configuration, etc. The FDD is preferably located in 
the home registration server's MSC. The FDD is used by home registration servers 
for registering roaming end systems. 

The following information will be stored in the FDD. 

L Foreign Domain Name. This field is used as the key to search the 
FDD for an entry that matches the fully qualified domain name of the 
foreign registration server relaying the registration request. 
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2. Shared Secret. This is the shared secret used between the foreign and 
home registration servers to authenticate their identity mutually with 
each other. 

3. Home IWF-Serving IWF Tunneling Protocol Parameters, This field 
is used to store parameters to configure the tunnel between the home 
IWF and the serving IWF. At a minimum, this field contains the type 
of tunneling protocol to use and any tunneling protocol specific 
parameters. For example, this field may contain the identifier for the 
tunneling protocol L2TP and any additional parameters required to 
configure the L2TP tunnel between the serving IWF and the home 
IWF. 

4. Accounting Server Association. This field is used to store information 
needed by the home IWF to generate accounting data on behalf of the 
end system. It contains the name of the accounting protocol (e.g. 
RADIUS), the DNS name of the accounting server and additional 
parameters specific to the accounting protocol like the UDP port 
number, the shared secret that the [WF must use in the Radius 
Accounting protocol, the frequency of check-pointing, the seed for 
creating the session/multi-session id, etc. The accounting server's 
DNS name is translated to the accounting servers IP address, which 
is sent to the foreign agent. 

For wireless service providers that have roaming agreements with each other, 
the FDD is used to do authentication and complete the registration process, If an end 
system roams from its home network to a foreign network, the registration server in 
the home network consults the FDD in its MSC to get information and authenticate 
the foreign network providing service to the end system. 

The foreign domain directory management software provides a graphical user 
interface (GUI) based FDD management interface for system administrators. Using 
this GUI, system administrators are able to view and update entries in the FDD. This 
GUI is not intended for use by foreign wireless network service providers to perform 
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remote updates based on roaming agreements. It is only intended for use by trusted 
personnel of the home wireless service provider operating behind firewalls. 

The internet service provider directory (1SPD) is used by the home IWF to 
manage connectivity with ISPs that have service agreements with the wireless service 
provider so that subscribers may access their ISPs using the network. For each 
subscriber, the subscriber directory has an entry for the subscriber's ISP. This field 
points to an entry in the ISPD. The home IWF uses this information to set up the 
connection to the ISP on behalf of the subscriber, 

The network architecture supports roaming. In order for roaming to work 
between wireless service providers, the architecture must support the setting up of 
roaming agreements between wireless service providers. This implies two things: 
(1) updating system directories across wireless service providers and (2) settlement 
of bills between service providers. 

In order to allow subscribers access to internet service providers, the 
architecture supports roaming agreements with internet service providers. This 
implies that the architecture must be able to send data to and receive data from ISP 
PPP servers (i.e., that support industry standard protocols like PPP, L2TP and 
Radius). It also implies that the architecture handles directory updates for ISP access 
and settlement of bills with ISPs. 

When roaming agreements are established between two wireless service 
providers, both providers have to update their home and foreign domain directories 
in order to support authentication and registration functions for end systems visiting 
their networks from the other network. At a minimum, the architecture of the present 
embodiment supports manual directory updates. When a roaming agreement is 
established between two wireless service providers, then the two parties to the 
agreement exchange information for populating their home and foreign domain 
directories. The actual updates of the directories is done manually by the personnel 
of the respective service providers. If later, the information in the home and foreign 
domain directories needs to be updated, the two parties to the agreement exchange the 
updated information and then manually apply their updates to the directories. 
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In an alternative embodiment, the directory management software incorporates 
developing standards in the IETF to enable roaming between internet service 
providers and to enable ISPs to automatically manage and discover roaming 
relationships. This makes manual directory management no longer necessary. The 
network system automatically propagates roaming relationships, and discovers them, 
to authenticate and register visiting end systems. 

At a minimum, the network architecture just processes and stores the 
accounting data and makes the data available to the wireless service provider's billing 
system, it is up to the billing system to handle settlement of bills for roaming. 

Tn an alternative embodiment, developing standards in the IETF to handle 
distribution of accounting records between internet service providers are incorporated 
into the network architecture to enable ISPs to do billing settlement for roaming end 
systems. 

The system software supports access to ISPs and private intranets by 
supporting L2TP between the home IWF and the ISPs or intranet PPP server. The 
internet service provider directory contains information useful to the IWF for creating 
these tunnels. As access agreements between the wireless service provider and 
internet service providers are put in place, this directory is updated manually by the 
wireless service provider's personnel. Automatic updates and discovery or access 
relationships between the wireless service provider and internet service providers are 
presendy contemplated and implemented as the internet standards evolve. While 
accessing an internet service provider, the subscriber receives two bills - one from the 
wireless service provider for the use of the wireless network and the second from the 
internet service provider. Although common billing that combines both types of 
charges is not handled by the minimum embodiment software, it is contemplated that 
the software will take advantage of internet standards for billing settlement as they 
evolve so that subscribers may receive a common bill based on roaming agreements 
between the ISP and wireless service providers. 

-The system includes a element management system for managing the network 
elements. From the element manager, system administrators perform configuration. 
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performance and fault/alarm management functions. The element management 
applications run on top of a web browser. Using a web browser, system 
administrators manage the network from anywhere that they have TCP/IP access. 
The element manager also performs an agent role tor a higher level manager. In this 
role it exports an SNMP MIB for alarm and fault monitoring. 

A higher level SNMP manager is notified of alarm conditions via SNMP 
traps. The higher level SNMP manager periodically polls the element manager's MIB 
for the health and status of the network. System management personnel at the higher 
level manager are able to view an icon representation of the network and its current 
alarm state. By pointing and clicking on the network element icon, systems 
management personnel execute element management applications using a web browser 
and perform more detailed management functions. 

Inside the network, management of the physical and logical network elements 
is performed using a combination of the SNMP protocol and internal management 
application programming interfaces. Applications in the element manager use SNMP 
or other management APIs to perform network management functions. 

Architecturally, the element management system includes two distinct sets of 
functional elements. The first set of functional elements, including the configuration 
data server, performance data monitor and health/status monitor and network element 
recovery software, executes on an HA server equipped with RAID disks. The second 
set of functional elements, including the management applications, executes on a 
dedicated, non-HA management system. Even if the element manager system 
becomes non-operational, the network elements continue to be able to run and report 
alarms and even be able to recover from fault conditions. However, since all the 
management applications execute in the non-HA element manager, if the element 
manager goes down, then recovery actions requiring human intervention are not 
possible until the element manager becomes operational. 

The wireless hubs (WHs) in the base stations are typically owned by a wireless 
service provider (WSP), and they are connected to the WSP's registration server (RS) 
either via point-to-point links, intranets or the Internet. The WSP's registration server 
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is typically a software module executing on a processor to perform certain registration 
functions. Inter-working function units (IWF units) are typically software modules 
executing on a processor to perform certain interfacing functions. IWF units are 
typically connected to the registration servers via intranets/WAN, and the IWF units are 
typically owned by the WSP. However, the IWF units need not be located within the 
same LAN as the registration servers. Typically, accounting and directory servers (also 
software modules executing on a processor) are connected to the registration servers via 
a LAN in the service provider's Data Center (e.g., a center including one or more 
processors that hosts various servers and other software modules). Traffic from the end 
system is then routed via a router (connected to the LAN) to the public Internet or to 
an ISP=s intranet. The registration server located in a foreign WSP's network is 
referred to as the foreign registration server (FRS), and the registration server located 
in the end system's home network (where the mobile purchases its service) is referred 
to as the home registration server (HRS). The inter-working function unit in the home 
network is referred to as the home IWF while the inter-working function unit in the 
foreign network (i.e., the network the end system is visiting) is referred to as the serving 
TWF 

For fixed wireless service (i.e., a non-moving end system), an end system may 
register for service on the home network from the home network (e.g., at home service) 
or from a foreign network (e g, roaming service). The end system receives an 
advertisement sent by an agent (e.g., an agent function implemented in soft ware) in the 
wireless hub via the access point. There are both MAC-iayer registration as well as 
network- layer registration to be accomplished. These may be combined together for 
efficiency. 

For end systems at home (FIG. 23), the network layer registration (like a local 
registration) make's known to the home registration server the wireless hub to which the 
end system is currently attached. An IWF in the end system's home network will become 
the anchor or home IWF. Thus, PPP frames to and from the end system travel via the 
wireless hub to the home IWF in the home network. If the end system is at home, the 
home IWF is connected to the wireless hub via an XTunnel protocol. 
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For roaming wireless service {FIG. 24), the foreign registration server 
determines the identity of the home network of the roaming end system during the 
registration phase. Using this information, the foreign registration server communicatea 
with the home registration server to authenticate and register the end system. The 
foreign registration server then assigns a serving IWF, and an I-XTunnd protocol 
connection is established between the home IWF and the serving IWF for the roaming 
end system. The serving IWF relays frames between the wireless hub and the home 
IWF From the home IWF, data is sent to a PPP server (i.e., point-to-point protocol 
server) which may reside in the same IWF However, if the data is to go to a corporate 
intranet or an ISP's intranet that has its own PPP server, the data is sent to the separate 
PPP server via the L2TP protocol. The separate server is typically owned and operated 
by an Internet service provider who is different from the wireless service provider. For 
the duration of the session, the locations of the home IWF and PPP server remain fixed. 
The MAC layer registration can be combined with the network registration to 
economize on the overhead of separate communications for MAC layer and network 
layer registration, however, it may be advantageous to not combine these registration 
processes so that the WSP's equipment will be interoperable with other wireless 
networks that supports pure IETF Mobile-IP. 

Registration sets up three tables. Table 1 is associated with each access point, 
and Table I identifies each connection (e.g., each end system) by a connection id (CID) 
and associates the connection id with a particular wireless (WM) modem address (i.e., 
the address of the end system or end system). Table 2 is associated with each wireless 
hub (WH), and Table 2 associates each connection id with a corresponding wireless 
modem address, access point and XTunnel id (XTD). Table 3 is associated with each 
inter-working function (IWF), and Table 3 associates each connection id with a 
corresponding wireless modem address, wireless hub address, XTunnel id and IP port 
(IP/port). The entries described for these tables are described to include only relevant 
entries that support the discussion of mobility management. In reality, there are other 
important fields that need to be included as well. 
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1 able 1 : Connection Table at AP 
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The protocol stacks for dial-up users at home in a network as well us roaming 
users are illustrated in FIGS. 25-25. FIG. 25 depicts protocol stacks used for direct 
internet access by a fixed (i.e., non-moving) end system at home where a PPP protocol 
message terminates in the home IWF (typically collocated with the wireless hub) which 
relays message to and from an IP router and from there to the public internet FIG. 26 
depicts protocol stacks used for remote intranet access (i.e., either private corporate nets 
or an ISP) by a fixed (i.e., non-moving) end system at home where a PPP protocol 
message is relayed through the home IWF (typically collocated with the wireless hub) 
to a PPP server of the private corporate intranet or ISP. FIG. 27 depicts protocol stacks 
used for direct internet access by a roaming but fixed (i.e., non-moving) or a moving end 
system where the PPP protocol terminates in the home IWF (typically located in a 
mobile switching center of the home network) which relays message to and from an EP 
router. In FIG. 27, note how message traffic passes through a serving IWF (typically 
collocated with the wireless hub) in addition to the home IWF. FIG. 28 depicts protocol 
stacks used for remote intranet access (i.e., either private corporate nets or an ISP) by 
a roaming but fixed (i.e., non-moving) or a moving end system where a PPP protocol 
message is relayed through the home IWF (typically located in a mobile switching center 
of the home network) to a PPP server of the private corporate intranet or ISP In FIG 
28, note how message traffic passes through a serving IWF (typically collocated with the 
wireless hub) in addition to the home IWF. When the serving IWF and the wireless hub 
are co-located in the same nest of computers or are even programmed into the same 
computer, it is not necessary to establish a tunnel using the XTunnel protocol between 
the serving IWF and the wireless hub. 

Equivalent variations to these protocol stacks (e.g. the RLP can be terminated 
at the wireless hub rather than at the serving IWF or home IWF for mobiles at home) are 
also envisioned. If the IWF is located far from the wireless hub, and the packets can 
potentially be carried over a lossy LP network between the IWF and wireless hub, then 
it would be preferred to terminate the RLP protocol at the wireless hub Another 
variation is the Xtunnel between wireless hub and IWF need not be built on top of the 
UDP/TP. Xtunnels can be built using the Frame Relay/ ATM link layer. However, the 
use of-UDP/IP makes it easier to move the wireless hub and IWF software from one 
network to another 
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Furthermore, the PPP protocol can be terminated in a wireless modem and sent 
to one or more endsystems via an ethernet connection. As illustrated in FIG. 29, the 
wireless modem 300 receives the PPP protocol information and encapsulates the PPP 
payload in an ethernet frame to be transported to at least one of the end systems 304 and 
306 via the internet connection 302 

DIX ethernet can be used for encapsulating the XWD MAC primitives but the 
system is not limited thereto. The ethernet frame format for XWD control frames is 
illustrated in Figure 30. The ethernet header contains a destination address, a source 
address and an ethernet type field. The destination address field contains the ethernet 
address of the MAC entity to which the primative is being sent. For MAC primitives 
invoked by the MAC user, this field will contain the ethernet address of the MAC user. 
For broadcast primitives, this address will be the ethernet broadcast address. The 
source address field contains the ethernet address of the MAC entity invoking the 
primitive. The ethernet type field contains the ethernet type for XWD Possible values 
are XWD_Control for control frames and XWDJData for data frames. These values 
must be different from all the ethernet type values that have been stnadardized and must 
be registered with the controlling authority. 

The ethernet frame then has an XWD header field. The XWD header can be 1 6 
bits long and will only be present for XWD control frames. The fields are illustrated in 
FIG. 3 1 . The ethernet frame also contains a protocol header, a PPP payload field and 
a XWD MAC field. The header values for primitives using ethernet encapsulation are 
illustrated in Table 4 below. 
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In another alternative, the PPP protocol can be terminated in a wireless router 
and then sent on to at least one end system connected to a local area network (LAN) 
As illustrated in FIG. 32, the wireless router 350 receives the PPP protocol information 
via the wireless modem 352. The router 354 receives the PPP information from the 
wireless modem 352 and sends the PPP information to at least one of the end systems 
356, 358, 360 via a LAN link 362. 

Four types of handofF scenarios may occur, and they are labeled: (i) local 
mobility, (ii) micro mobility, (iii) macro mobility, and (iv) global mobility. In all four 
scenarios (in one embodiment of the invention), a route optimization option is not 
considered so that the locations of the home registration server and the ISP's PPP server 
do not change. In another embodiment of the system with route optimization, the lSP=s 
PPP server may change. However, this aspect is discussed below. In addition, the 
locations of the foreign registration server and IWF do not change in the first three 
scenarios. 

The proposed IETF Mobile IP standard requires that whenever an end system 
changes the IP subnet to which it is attached, it sends a registration request message to 
a home agent in its home subnet. This message carries a care-of address where the end 
system can be reached in the new subnet. When traffic is sent, for example, from an ISP 
to an end system, the home agent intercepts the traffic that is bound for the end system 
as it arrives in the home subnet, and then forwards the traffic to the care-of address. The 
care-of address identifies a particular foreign agent in the foreign subnet. An end 
system's foreign agent can reside in the end system itself, or in a separate node that in 
turn forwards traffic to the end system (i.e., proxy registration agent). Mobile IP 
handoffs involve exchange of control messages between an end system's agent, the end 
system's home agent and potentially its corresponding hosts (CHs) (with route 
optimization option). 

The proposed IETF Mobile IP standard would find it difficult to meet the latency 
and scalability goals for all movements in a large internetwork. However, the present 
hierarchical mobility management meets such goals. For small movements (e.g. a change 
of Access Points), only MAC-layer re- registrations are needed. For larger movements, 
network-layer re-registrations are performed. The present hierarchical mobility 
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management is different from the flat-structure used in the IETF proposed Mobile-IP 
standard as well as the serving/anchor inter-working function model used in cellular 
systems like CDPD (based on a standard sponsored by the Cellular Digital Packet Data 
forum). 

As depicted in FLG. 33, the local mobility handoff handles end system 
(designated MN for mobile node) movement between APs that belong to the same 
wireless hub. Thus, only MAC layer re-registration is required. The end system receives 
a wireless hub advertisement from a new AP and responds with a registration request 
addressed to the new AP. 

The new AP (i.e., the one that receives the registration request from the end 
system) creates new entries in its connection table and relays the registration message 
to its wireless hub. In local mobility handoffs, the wireless hub does not change. The 
wireless hub recognizes the end system's registration request as a MAC level registration 
request, and h updates its connection table to reflect the connection to the new AP. 
Then, the old AP deletes the connection entry from its connection table. There are at 
least three ways whereby the old AP can delete the old entries, namely (i) upon time out, 
(ii) upon receiving a copy of the relayed MAC layer association message from the new 
AP to the wireless hub (if this relay message is a broadcast message), and (iii) upon 
being informed by the wireless hub of the need to delete the entry. 

As depicted in FIG 34, the micro mobility handoff handles end system 
(designated MN for mobile node) movement between wireless hubs that belong to the 
same registration server and where the end system can still be served by the existing 
serving IWF. When an advertisement is received from a new wireless hub (through a 
new AP), the end system sends a message to request registration to the registration 
server. The registration request is relayed from the new AP to the new wireless hub to 
the registration server. 

When the registration server determines that the existing IWF can still be used, 
the registration server sends a build XTunnel Request message to request the existing 
IWF to build an XTunnel to the new wireless hub. Later, the registration server sends 
a tear down XTunnel request message to request the existing IWF to tear down the 
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existing XTunnel with the old wireless hub. The build and tear XTunnel Request 
messages can be combined into one message. A foreign registration server does not 
forward the registration message to the home registration server since there is no change 
of IWF, either the serving 1WF or home fWF. 

Upon receiving a positive build XTunnel reply and a positive tear XTunnel reply 
from IWF, the registration server sends a registration reply to end system As the 
registration reply reaches the new wireless hub, the connection table at the new wireless 
hub is updated to reflect the connection to the new AP. The new AP updates its MAC 
filter address table and connection table after receiving a message from the new wireless 
hub, and the registration reply is forwarded to the end system 

The registration server sends a release message to the old wireless hub. When 
the old wireless hub receives the release message, it updates its connection table and the 
MAC filter address table and connection table of the old AP. 

As depicted in FIG. 35, the macro mobility handoff case handles movement 
between wireless hubs that involves a change of the serving IWF in the foreign network, 
but it does not involve a change in the registration server. When an advertisement is 
received from a new wireless hub (through a new AP), the end system sends a message 
to request a network layer registration to the registration server. The registration 
request is relayed from the new AP to the new wireless hub to the registration server 

The registration server recognizes that it is a foreign registration server when the 
end system does not belong to the present registration server's network This foreign 
registration server determines the identity of the home registration server by using a 
request preferably a Radius Access request (RA request), to the foreign directory server 
(like a big yellow pages) and then assigns an appropriate IWF to be the serving IWF, and 
it forwards a registration request to the home registration server, preferably through a 
Radius Access request (RA request), informing the home registration server of the newly 
selected IWF. 

The home registration server authenticates the registration request by using a 
request, preferably a Radius Access request (RA request), to the home directory server 
Upon authenticating the request and determining that the existing home IWF can still 
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be used, the home registration server instructs the home IWF to build a new I-XTunnel 
to the newly assigned serving TWF and to tear down the existing l-XTunnel to the old 
serving IWF. Upon receiving a positive build I-XTunncl reply and a positive tear l- 
XTunnel reply from the home IWF, the home registration server sends a registration 
reply to the foreign registration server. 

The foreign registration server then instructs the newly assigned IWF to build an 
XTunnel to the new wireless hub. Upon receiving a positive build XTunnel reply, the 
foreign registration server instructs the old IWF to tear down the XTunnel to the old 
wireless hub. Upon receiving a positive build XTunnel reply and a positive tear XTunnel 
reply, the foreign registration server sends a registration reply to end system. 

As the registration reply reaches the new wireless hub, the connection table at 
the new wireless hub is updated to reflect the connection to the new AP. The new AP 
updates its MAC filter address table and connection table after receiving a message from 
the new wireless hub, and the registration reply is forwarded to the end system. 

The registration server sends a release message to the old wireless hub When 
the old wireless hub receives the release message, it updates its connection table and the 
MAC filter address table, and the old AP updates its MAC filter address table and 
connection table after receiving a message from the old wireless hub. 

The global mobility handofF case handles movement between wireless hubs that 
involves a change of registration servers. FIG. 36 depicts a global mobility handofF 
where the home IWF does not change, and FIG. 37 depicts a global mobility handofF 
where the home IWF changes. When an advertisement is received from a new wireless 
hub (through a new AP) in a new foreign network, the end system sends a message to 
request a network layer registration to the new foreign registration server The 
registration request is relayed from the new AP to the new wireless hub to the new 
foreign registration server 

The registration server recognizes that it is a new foreign registration server 
when the end system does not belong to the present registration server's network. This 
foreign registration server determines the identity of the home registration server by 
using a request, preferably a Radius Access request (RA request), to the foreign 
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directory server (like a big yellow pages) and then assigns an appropriate IWF to be the 
serving IWF, and it forwards the registration request to the home registration server, 
preferably through a Radius Access request (RA request), informing the home 
registration server of the newly selected IWF. 

The home registration server authenticates the registration request by using a 
request, preferably a Radius Access request {RA request), to the home directory server. 
Upon authenticating the request and determining that the existing home IWF can still 
be used (FIG. 36), the home registration server instructs the home IWF to build a new 
I-XTunnel to the serving IWF newly assigned by the new foreign registration server 
The home registration server also sends a de-registration message to the old foreign 
registration server and instructs the home IWF to tear down the existing I-XTunnel to 
the existing serving IWF of the old foreign network Upon receiving a positive build I- 
XTunnel reply and a positive tear I-XTunnel reply from the home IWF, the home 
registration server sends a registration reply to the new foreign registration server 

The new foreign registration server then instructs the newly assigned IWF to 
build an XTunnel to the new wireless hub. Upon receiving a positive build XTunnel 
reply, the foreign registration server sends a registration reply to end system. As the 
registration reply reaches the new wireless hub, the connection table at the new wireless 
hub is updated to reflect the connection to the new AP. The new AP updates its MAC 
filter address table and connection table after receiving a message from the new wireless 
hub, and the registration reply is forwarded to the end system 

The old foreign registration server instructs the old IWF to tear down the 
XTunnel to the old wireless hub. Upon receiving a positive tear XTunnel reply or 
contemporaneously with the tear down XTunnel request, the old foreign registration 
server sends a release message to the old wireless hub. When the old wireless hub 
receives the release message, it updates its connection table and the MAC filter address 
table, and the old AP updates its MAC filter address table and connection table after 
receiving a message from the old wireless hub. 

Alternatively, after the home registration server authenticates the registration 
request from the new foreign registration server and determines that the existing home 
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IWF cannot be used (FIG. 37), the home registration server chooses a new home IWF 
and instructs the new home IWF to build a new level 2 tunnel protocol tunnel (L2TP 
tunnel) to the present PPP server (e.g., the PPP server in a connected ISP intranet). 
Then, the home registration server instructs the old home TWF to transfer its I.2TP 
tunnel traffic to the new home IWF. 

Then the home registration server instructs the new home IWF to build a new 
I -XTunnel to the serving IWF newly assigned by the new foreign registration server 
The home registration server also sends a de-registration message to the old foreign 
registration server and instructs the home IWF to tear down the existing l-XTunnel to 
the existing serving IWF of the old foreign network. Upon receiving a positive build I- 
XTunnel repry and a positive tear I-XTunnel reply from the home IWF, the home 
registration server sends a registration reply to the new foreign registration server. 

The new foreign registration server then instructs the newly assigned IWF to 
build an XTunnel to the new wireless hub. Upon receiving a positive build XTunnel 
reply, the foreign registration server sends a registration reply to end system. As the 
registration reply reaches the new wireless hub, the connection table at the new wireless 
hub is updated to reflect the connection to the new AP. The new AP updates its MAC 
filter address table and connection table after receiving a message from the new wireless 
hub, and the registration reply is forwarded to the end system. 

The old foreign registration server instructs the old IWF to tear down the 
XTunnel to the old wireless hub Upon receiving a positive tear XTunnel reply or 
contemporaneously with the tear down XTunnel request, the old foreign registration 
server sends a release message to the old wireless hub, When the old wireless hub 
receives the release message, it updates its connection table and the MAC filter address 
table, and the old AP updates its MAC filter address table and connection table after 
receiving a message from the old wireless hub. 

End systems constructed according to the present system interoperate with 
networks constructed according to the proposed IETF Mobile-EP standards, and end 
systems constructed according to the proposed IETF Mobile- IP standards interoperate 
with networks constructed according to the present invention. 
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Differences between the present system and the IETF Mobile-IP (KFC2002, a 
standards document) include: 

(i) The present systcmists a hierarchical concept for mobility management 
rather than a flat structure as in the proposed IETF Mobile- IP standard 
Small mobility within a small area does not result in a network level 

registration. Micro mobility involves setting up of a new Xtunncl and 
tearing down of an existing Xtunnel. Global mobility, at the minimum, 
involves setting up of a new I-XTunnel and tearing down of an existing 
I-Xtunnel apart from the setting up/tearing down of XTunnel. Global 
mobility sometimes also involves setting up a new L2TP Tunnel and 
transferring of L2TP state from the existing L2TP Tunnel to the new 
L2TP Tunnel. 

(ii) In the present invention, a user name plus a realm is used to identify a 
remote dial-up user rather than a fixed home address as in the case of the 
proposed IETF Mobile-IP standard 

(iii) In the present invention, registration and routing functions are carried out 
by separate entities. The two functions are carried out by the home agent 
in the proposed IETF Mobile IP standard, and both functions are carried 
out by the foreign agent in the proposed IEFT Mobile IP standard. In 
contrast, in an embodiment of the present invention, registration is 
carried out in the registration server and routing functions are carried out 
by both the home and foreign IWF and the wireless hub (also referred to 
as the access hub) 

(iv) The present system utilizes three tunnels per PPP session. The XTunnel 
is more of a link-layer tunnel between the wireless hub and the serving 
IWF. The I-XTunnel between the serving IWF and the home IWF is 
more like the tunnel between home and foreign agents in the proposed 
IETF Mobile-IP standard. But it also has additional capabilities beyond 
the tunnels proposed by the Mobile-IP standard The L2TP tunnel is 
used only when home IWF is not a PPP server The number of these 
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tunnels may be reduced by combining some junctions in the same nodes 
as described earlier 

(v) In the present invention, wireless registration occurs before PPP session 
starts white in the proposed IETF Mobile-IP standard, Mobile-CP 
registration occurs after PPP session enters into the open state. 

(vi) In the present invention, the network entity that advertises the agent 
advertisement (i.e., the wireless hub) is not on a direct link to the end 
systems whereas for the proposed IETF Mobile-LP standard, the agent 
advertisement must have a TTL of 1 which means that the end systems 
have a direct link with the foreign agent. In addition, the agent 
advertisement in the present systems not an extension to the ICMP 
router advertisements as in the proposed IETF Mobile-IP standard. 

End systems in the present invention, should support agent solicitation When 
an end system in the present system visits a network which is supporting the proposed 
IETF Mobile-IP standard, it waits until it hears an agent advertisement. If it does not 
receive an agent advertisement within a reasonable time frame, it broadcasts an agent 
solicitation. 

In the present invention, network operators may negotiate with other networks 
that support the proposed IETF Mobile-IP standard such that home addresses can be 
assigned to the end systems of the present system that wish to use other networks. 
When the end system of the present system receives the agent advertisement, it can 
determine that the network it is visiting is not an a network according to the present 
system and hence uses the assigned home address to register 

For networks supporting the proposed IETF Mobile- CP standard, the PPP 
session starts before Mobile- IP registration, and the PPP server is assumed to be 
collocated with the foreign agent in such networks. In one embodiment, an SNAP 
header is used to encapsulate PPP frames in the MAC frames of the present systcm(in 
a manner similar to Ethernet format), and the foreign agent interprets this format as a 
proprietary PPP format over Ethernet encapsulation. Thus, the end system of the 
present system and its PPP peer can enter into an open state before the foreign agent 
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starts transmitting an agent advertisement, and the end system of the present system can 
register. 

To allow end systems supporting the proposed IETF Mobile-IP standard to 
work in networks of the type of the present invention, such mobiles are at least capable 
of performing similar MAC layer registrations. By making the agent advertisement 
message format similar to the proposed Mobile-IP standard agent advertisement message 
format, a visiting end system can interpret the agent advertisement and register with a 
wireless hub. In the present invention, registration request and reply messages are 
similar to the proposed IETF Mobile-IP standard registration request and reply messages 
(without any unnecessary extensions) so that the rest of the mobility management 
features of the present system are transparent to the visiting end systems. 

Since end systems supporting the proposed IETF Mobile-IP standard expect a 
PPP session to start before Mobile- IP registration, an optional feature in wireless hubs 
of the present system starts to interpret PPP LCP, NCP packets after MAC-layer 
registrations. 

To avoid losing traffic during handoffs, the mobility management of the present 
systemists the make before break concept. For local mobility, a make before break 
connection is achieved by turning the MAC-laycr registration message relayed by the 
new AP to the wireless hub into a broadcast message. That way, the old AP can hear 
about the new registration and forward packets destined for the end system that have not 
been transmitted to the new AP 

For micro mobility, information about the new wireless hub is included in the 
Tear XTunnel message exchanged between the serving IWF and the old WH That way, 
the old wireless hub can forward buffered packets to the new wireless hub upon hearing 
a Tear XTunnel message from the serving IWF. Alternatively, the RLP layer at the r\VF 
knows the sequence number thai has been acknowledged by the old wireless hub so far 

At the same time, the IWF knows the current send sequence number of the latest 
packet sent to the old wireless hub Therefore, the IWF can forward those packets that 
are ordered in between these two numbers to the new wireless hub before sending newer 
packets to the new wireless hub. The RLP layer is assumed to be able to filter duplicate 
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packet. The second approach is probably preferable to the first approach for the old 
wireless hub may not be able to communicate with one another directly. 

For macro mobility, the old serving IWF can forward packets to the new serving 
IWF, in addition to the packet forwarding done from the old wireless hub to the new 
wireless. All we need to do is to forward the new serving IWF identity to the new 
serving rWF in the tear down 1-XTunnel message. Another way to achieve the same 
result is to let the home IWF forward the missing packets to the new serving IWF rather 
than asking the old serving IWF to do the job since the home IWF knows the I-XTunnel 
sequence number last acknowledged by the old serving IWF and the current I-XTunnel 
sequence number sent by the home IWF. 

The method of estimating how much buffer should be allocated per mobile per 
AP per wireless hub per IWF such that the traffic loss between handofFs can be 
minimized is to let the end system for the AP for the wireless hub for the IWF estimate 
the packet arrival rate and the handoff time. This information is passed to the old AP 
of the wireless hub of the IWF to determine how much traffic should be transferred to 
the new AP of the wireless hub of the IWF, respectively, upon handofFs. 

To achieve route optimization in the present invention, the end system chooses 
the PPP server closest to the serving IWF. Without route optimization, excessive 
transport delays and physical line usage may be experienced. 

For example, an end system subscribed to a home network in New York City 
may roam to Hong Kong. To establish a link to a Hong Kong ISP, the end system 
would have a serving IWF established in a wireless hub in Hong Kong and a home IWF 
established in the home network in New York City. A message would then be routed 
from the end system (roamed to Hong Kong) through the serving IWF (in Hong Kong) 
and through the home IWF (in New York City) and back to the Hong Kong ISP 

A preferred approach is to connect from the serving IWF (in Hong Kong) 
directly to the Hong Kong ISP. The serving IWF acts like the home IWF. In this 
embodiment, roaming agreements exist between the home and foreign wireless 
providers. In addition, the various accounting/billing systems communicate with one 
another automatically such that billing information is shared. Accounting and billing 
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information exchange may be implemented using standards such as the standard 
proposed by the ROAMOPS working group of the IETF. 

However, the serving IWF must still discover the closest PPP server (e.g., the 
Hong Kong ISP). In the present embodiment, the foreign registration server learns of 
the end system's desire to connect to a PPP server (e.g., a Hong Kong ISP) when it 
receives a registration request from the end system. When the foreign registration server 
determines that the serving IWF is closer to the desired PPP server (e.g., the Hong Kong 
ISP) than the home IWF is, the foreign registration server instructs the serving IWF to 
establish an L2TP tunnel to its nearest PPP server (in contrast to the PPP server closest 
to the home registration server and home IWF), Then, the foreign registration server 
informs the home registration server that the end system is being served by the serving 
IWF and the foreign PPP. 

In an alternative embodiment, the foreign registration server determines that the 
serving IWF is closer to the desired PPP server (e.g., the Hong Kong ISP) than the 
home IWF is, when it receives a registration request from the end system. The foreign 
registration server relays the registration request message to the home registration server 
with an attached message indicating the serving IWF information and a notification that 
route optimization is preferred At the same time, the foreign registration server 
instructs the serving IWF to establish an L2TP tunnel to the PPP server Upon 
approving the registration request, the home registration server instructs the home IWF 
to transfer the L2TP state to the foreign rWF 

Having described preferred embodiments of a novel network architecture with 
wireless end users able to roam (which are intended to be illustrative and not 
limiting), it is noted that modifications and variations can be made by persons skilled 
in the art in light of the above teachings. For example, connection links described 
herein may make reference to known connection protocols (e.g., IP, TCP/IP, L2TP, 
IEEE 802.3, etc.); however, the system contemplates other connection protocols in 
the connections links that provide the same or similar data delivery capabilities. 
Acting agents in the above described embodiments may be in the form of software 
controlled processors or may be other form of controls (e.g., programmable logic 
arrays, etc.). Acting agents may be grouped as described above or grouped otherwise 
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in keeping with the connection teachings described herein and subject to security and 
authentication teachings as described herein. Furthermore, a single access point, 
access hub (i.e., wireless hub) or inter-working function unit (IWF unit) may provide 
multi-channel capability. Thus, a single access point or access hub or IWF unit may 
act on traffic from multiple end systems, and what is described herein as separate 
access points, access hubs or IWF units contemplates equivalence with a single multi- 
channel access point, access hub or IWF unit. It is therefore to be understood that 
changes may be made in the particular embodiments of the system disclosed which 
are within the scope and spirit of the systems defined by the appended claims. 

Having thus described the system with the details and particularity required 
by the patent laws, what is claimed and desired protected by Letters Patent is set forth 
in the appended claims. 

4. Brief Description Of Drawings 

The system will be described in detail in the following description of 
preferred embodiments with reference to the following figures wherein: 

FIG. 1 is a configuration diagram of a known remote access architecture 
through a public switched telephone network; 

FIG. 2 is a configuration diagram of a remote access architecture through a 
wireless packet switched data network according to the present invention; 

FIG. 3 is a configuration diagram of selected parts of the architecture of the 
network of FIG. 2 showing a roaming scenario; 

FIG. 4 is a configuration diagram of a base station with local access points; 

FIG, 5 is a configuration diagram of a base station with remote access points'; 

FIG. 6 is a configuration diagram of a base station with remote access points, 
some of which are connected using a wireless trunk connection; 

FIG. 7 is a diagram of a protocol stack for a local access point; 

FIG. 8 is a diagram of a protocol stack for a remote access point with a 
wireless trunk; 

FIG. 9 is a diagram of a protocol stack for a relay function in the base station 
for supporting remote access points with wireless trunks; 
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FIG. 10 is a diagram of protocol stacks for implementing the relay function 
depicted in FIG. 9; 

FIG. 1 1 is a diagram of protocol stacks for a relay function in the base station 
for supporting local access points; 

FIG. 12 is a configuration diagram of selected parts of the architecture of the 
network of FIG. 2 showing a first end system registering in the home network from 
the home network and a second system registering in the home network from a 
foreign network using a home inter-working function for an anchor; 

FIG. 13 is a configuration diagram of selected parts of the architecture of the 
network of FIG. 2 showing a first end system registering in the home network from 
the home network and a second system registering in the home network from a 
foreign network using a serving inter-working function for an anchor; 

FIG. 14 is a ladder diagram of the request and response messages to register 
in a home network from a foreign network and to establish, authenticate and 
configure a data link; 

FIG. 15 is a configuration diagram of selected parts of the architecture of the 
network of FIG. 2 showing registration requests and responses for registering a 
mobile in a home network from the home network; 

FIG. 16 is a configuration diagram of selected parts of the architecture of the 
network of FIG. 2 showing registration requests and responses for registering a 
mobile in a home network from a foreign network; 

FIG. 17 is a configuration diagram of protocol stacks showing 
communications between an end system in a home network and an inter -working 
function in the home network where the cell site has local access points; 

FIG. 18 is a configuration diagram of protocol stacks showing 
communications between an end system in a home network and an inter-working 
function in the home network where the cell site has remote access points coupled to 
a wireless hub through a wireless trunk; 
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FIG. 19 is a configuration diagram of protocol stacks showing 
communications between a base station coupled to a roaming end system and a home 
inter-working function; 

FIG. 20 is a configuration diagram of protocol stacks showing 
communications between an end system in a home network through an inter-working 
function in the home network to an internet service provider ; 

FIG, 21 is a configuration diagram of protocol stacks showing 
communications between an end system in a foreign network and a home registration 
server in a home network during the registration phase; 

FIG. 22 is a processing flow diagram showing the processing of accounting 
data through to the customer billing system; 

FIGS. 23 and 24 are ladder diagrams depicting the registration process for an 
end system in a home network and in a foreign network, respectively; 

FIGS. 25 and 26 are protocol stack diagrams depicting an end system 
connection in a home network where a PPP protocol terminates in an inter-working 
function of the home network and where the PPP protocol terminates in an ISP or 
intranet, respectively; 

FIGS. 27 and 28 are protocol stack diagrams depicting an end system 
connection in a foreign network where a PPP protocol terminates in an inter-working 
function of the foreign network and where the PPP protocol terminates in an ISP or 
intranet, respectively; 

FIG. 29 illustrates end systems connected via ethernet to a wireless modem 
where PPP protocol is encapsulated in an ethernet frame; 

FIG. 30 illustrates an ethernet frame format; 

FIG. 31 illustrates XWD Header fields; 
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FIG. 32 illustrates end systems connected via a local area network to a 
wireless router where PPP protocol terminates at the wireless router; 

F[GS. 33, 34 and 35 are ladder diagrams depicting a local handoff scenario, 
a micro handoff scenario and a macro handoff scenario, respectively; 

FIG. 36 is a ladder diagram depicting a global handoff scenario where the 
foreign registration server changes and where home inter-working function does not 
change; and 

FIG. 37 is a ladder diagram depicting a global handoff scenario where both 
the foreign registration server and the home inter-working function change. 
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1- Abstract 

A wireless data network which provides communications with a Pier to Pier 
Protocol server is disclosed. The network includes a home network that includes a 
home mobile switching center, a wireless modem and one or more end system. The 
wireless modem and the end systems are connected together via an ethernet link. The 
network also includes a PPP server, wherein PPP information sent from PPP server 
for the end systems is encapsulated by the wireless modem in an ethernet frame and 
sent to the end systems via the ethernet link. 



2. Representative Drawing 

FIG. 2 



